
Cuadrantes de Paz (1.41.10)

Uploaded by GOLDMAN

ANDROID STATIC ANALYSIS REPORT

Cuadrantes de Paz (1.41.10)


File Name: Cuadrantes De Paz_1.41.10_APKPure.apk

Package Name: com.cuadrantesdepaz.app

Scan Date: Aug. 1, 2024, 5:12 p.m.

App Security Score: 51/100 (MEDIUM RISK)

Grade: B

FINDINGS SEVERITY

HIGH: 1 | MEDIUM: 15 | INFO: 3 | SECURE: 1 | HOTSPOT: 1

FILE INFORMATION
File Name: Cuadrantes De Paz_1.41.10_APKPure.apk
Size: 9.18MB
MD5: 1e3c303701f47f8e8f0d1585af0047e2
SHA1: 6a3b600c3dd3798246e0441b3af073396cbc7f40
SHA256: fda43846ba9325f6b97dbacd19e347783683f4682c8808eac2b31a909c4835db

APP INFORMATION
App Name: Cuadrantes de Paz
Package Name: com.cuadrantesdepaz.app
Main Activity: com.cuadrantesdepaz.app.MainActivity
Target SDK: 32
Min SDK: 22
Max SDK:
Android Version Name: 1.41.10
Android Version Code: 14110
APP COMPONENTS
Activities: 6
Services: 7
Receivers: 6
Providers: 7
Exported Activities: 2
Exported Services: 3
Exported Receivers: 2
Exported Providers: 0

CERTIFICATE INFORMATION
Binary is signed
v1 signature: True
v2 signature: True
v3 signature: True
v4 signature: False
X.509 Subject: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
Signature Algorithm: rsassa_pkcs1v15
Valid From: 2021-01-16 17:01:45+00:00
Valid To: 2051-01-16 17:01:45+00:00
Issuer: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
Serial Number: 0xb3177fcaebc2fad3d2680e4a9ebe26fba72889e4
Hash Algorithm: sha256
md5: db9f4c4274f084f2274604c7eb660bd0
sha1: 0ed861366e094a24ef5aa3cdda6476b7d0a337e0
sha256: 3a26306af5719fd36bda4497bf04f253c15d772e64e15b16cefe85e0f40e2d99
sha512: e3aa754427f6a3cea73235a022bfbdc3a34edbc99d84fc4245c27fca2f82c073aafb20dc23b7be66a8f549806a31e93c65a957b213d1ce68db0ef49ffcde1c7d
PublicKey Algorithm: rsa
Bit Size: 4096
Fingerprint: 92c8f8d4248990df6990b15112956766526c23fc9817df92541104994aee6bc5
Found 1 unique certificates
APPLICATION PERMISSIONS

PERMISSION | STATUS | INFO | DESCRIPTION

android.permission.INTERNET | normal | full Internet access | Allows an application to create network sockets.
android.permission.WRITE_EXTERNAL_STORAGE | dangerous | read/modify/delete external storage contents | Allows an application to write to external storage.
android.permission.WAKE_LOCK | normal | prevent phone from sleeping | Allows an application to prevent the phone from going to sleep.
android.permission.ACCESS_COARSE_LOCATION | dangerous | coarse (network-based) location | Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
android.permission.ACCESS_FINE_LOCATION | dangerous | fine (GPS) location | Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
android.permission.GET_ACCOUNTS | dangerous | list accounts | Allows access to the list of accounts in the Accounts Service.
android.permission.USE_CREDENTIALS | dangerous | use the authentication credentials of an account | Allows an application to request authentication tokens.
android.permission.READ_EXTERNAL_STORAGE | dangerous | read external storage contents | Allows an application to read from external storage.
android.permission.ACCESS_NETWORK_STATE | normal | view network status | Allows an application to view the status of all networks.
android.permission.VIBRATE | normal | control vibrator | Allows the application to control the vibrator.
android.permission.FOREGROUND_SERVICE | normal | enables regular apps to use Service.startForeground. | Allows a regular application to use Service.startForeground.
com.sec.android.provider.badge.permission.READ | normal | show notification count on app | Show notification count or badge on application launch icon for samsung phones.
com.sec.android.provider.badge.permission.WRITE | normal | show notification count on app | Show notification count or badge on application launch icon for samsung phones.
com.htc.launcher.permission.READ_SETTINGS | normal | show notification count on app | Show notification count or badge on application launch icon for htc phones.
com.htc.launcher.permission.UPDATE_SHORTCUT | normal | show notification count on app | Show notification count or badge on application launch icon for htc phones.
com.sonyericsson.home.permission.BROADCAST_BADGE | normal | show notification count on app | Show notification count or badge on application launch icon for sony phones.
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE | normal | show notification count on app | Show notification count or badge on application launch icon for sony phones.
com.anddoes.launcher.permission.UPDATE_COUNT | normal | show notification count on app | Show notification count or badge on application launch icon for apex.
com.majeur.launcher.permission.UPDATE_BADGE | normal | show notification count on app | Show notification count or badge on application launch icon for solid.
com.huawei.android.launcher.permission.CHANGE_BADGE | normal | show notification count on app | Show notification count or badge on application launch icon for huawei phones.
com.huawei.android.launcher.permission.READ_SETTINGS | normal | show notification count on app | Show notification count or badge on application launch icon for huawei phones.
com.huawei.android.launcher.permission.WRITE_SETTINGS | normal | show notification count on app | Show notification count or badge on application launch icon for huawei phones.
android.permission.READ_APP_BADGE | normal | show app notification | Allows an application to show app icon badges.
com.oppo.launcher.permission.READ_SETTINGS | normal | show notification count on app | Show notification count or badge on application launch icon for oppo phones.
com.oppo.launcher.permission.WRITE_SETTINGS | normal | show notification count on app | Show notification count or badge on application launch icon for oppo phones.
me.everything.badger.permission.BADGE_COUNT_READ | unknown | Unknown permission | Unknown permission from android reference
me.everything.badger.permission.BADGE_COUNT_WRITE | unknown | Unknown permission | Unknown permission from android reference
com.google.android.c2dm.permission.RECEIVE | normal | receive push notifications | Allows an application to receive push notifications from cloud.

APKID ANALYSIS
FILE | FINDINGS | DETAILS

classes.dex | Anti-VM Code | Build.FINGERPRINT check; Build.MODEL check; Build.MANUFACTURER check; Build.PRODUCT check; possible Build.SERIAL check
classes.dex | Anti Debug Code | Debug.isDebuggerConnected() check
classes.dex | Compiler | r8 without marker (suspicious)

NETWORK SECURITY

NO SCOPE SEVERITY DESCRIPTION

CERTIFICATE ANALYSIS
HIGH: 0 | WARNING: 1 | INFO: 1

TITLE | SEVERITY | DESCRIPTION

Signed Application | info | Application is signed with a code signing certificate
Application vulnerable to Janus Vulnerability | warning | Application is signed with v1 signature scheme, making it vulnerable to Janus vulnerability on Android 5.0-8.0, if signed only with v1 signature scheme. Applications running on Android 5.0-7.0 signed with v1, and v2/v3 scheme is also vulnerable.

MANIFEST ANALYSIS
HIGH: 1 | WARNING: 8 | INFO: 0 | SUPPRESSED: 0

No: 1
Issue: App can be installed on a vulnerable unpatched Android version Android 5.1-5.1.1, [minSdk=22]
Severity: high
Description: This application can be installed on an older version of android that has multiple unfixed vulnerabilities. These devices won't receive reasonable security updates from Google. Support an Android version => 10, API 29 to receive reasonable security updates.

No: 2
Issue: Application Data can be Backed up [android:allowBackup] flag is missing.
Severity: warning
Description: The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.

No: 3
Issue: Broadcast Receiver (nl.xservices.plugins.ShareChooserPendingIntent) is not Protected. [android:exported=true]
Severity: warning
Description: A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

No: 4
Issue: Activity (com.adobe.phonegap.push.PushHandlerActivity) is Protected by a permission, but the protection level of the permission should be checked. Permission: com.cuadrantesdepaz.app.permission.PushHandlerActivity [android:exported=true]
Severity: warning
Description: An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

No: 5
Issue: Activity (com.adobe.phonegap.push.BackgroundHandlerActivity) is Protected by a permission, but the protection level of the permission should be checked. Permission: com.cuadrantesdepaz.app.permission.BackgroundHandlerActivity [android:exported=true]
Severity: warning
Description: An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

No: 6
Issue: Service (com.adobe.phonegap.push.FCMService) is not Protected. [android:exported=true]
Severity: warning
Description: A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

No: 7
Issue: Service (com.adobe.phonegap.push.PushInstanceIDListenerService) is not Protected. [android:exported=true]
Severity: warning
Description: A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

No: 8
Issue: Service (com.google.android.gms.auth.api.signin.RevocationBoundService) is Protected by a permission, but the protection level of the permission should be checked. Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true]
Severity: warning
Description: A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

No: 9
Issue: Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) is Protected by a permission, but the protection level of the permission should be checked. Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
Severity: warning
Description: A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

CODE ANALYSIS
HIGH: 0 | WARNING: 5 | INFO: 3 | SECURE: 0 | SUPPRESSED: 0

No: 1
Issue: App can read/write to External Storage. Any App can read data written to External Storage.
Severity: warning
Standards: CWE: CWE-276: Incorrect Default Permissions; OWASP Top 10: M2: Insecure Data Storage; OWASP MASVS: MSTG-STORAGE-2
Files:
nl/xservices/plugins/SocialSharing.java

No: 2
Issue: This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
Severity: info
Standards: OWASP MASVS: MSTG-STORAGE-10
Files:
nl/xservices/plugins/SocialSharing.java

No: 3
Issue: The App logs information. Sensitive information should never be logged.
Severity: info
Standards: CWE: CWE-532: Insertion of Sensitive Information into Log File; OWASP MASVS: MSTG-STORAGE-3
Files:
com/adobe/phonegap/push/BackgroundActionButtonHandler.java
com/adobe/phonegap/push/BackgroundHandlerActivity.java
com/adobe/phonegap/push/FCMService.java
com/adobe/phonegap/push/PushDismissedHandler.java
com/adobe/phonegap/push/PushHandlerActivity.java
com/adobe/phonegap/push/PushInstanceIDListenerService.java
com/adobe/phonegap/push/PushPlugin.java
com/andreszs/smsretriever/SMSRetriever.java
de/appplant/cordova/plugin/notification/action/ActionGroup.java
de/appplant/cordova/plugin/notification/util/AssetUtil.java
io/sqlc/SQLiteAndroidDatabase.java
io/sqlc/SQLiteConnectorDatabase.java
io/sqlc/SQLitePlugin.java
me/leolin/shortcutbadger/ShortcutBadger.java
net/gotev/uploadservice/logger/DefaultLoggerDelegate.java
net/ypresto/androidtranscoder/MediaTranscoder.java
net/ypresto/androidtranscoder/engine/MediaTranscoderEngine.java
net/ypresto/androidtranscoder/engine/QueuedMuxer.java
net/ypresto/androidtranscoder/engine/TextureRender.java
net/ypresto/androidtranscoder/format/Android16By9FormatStrategy.java
net/ypresto/androidtranscoder/format/Android720pFormatStrategy.java
net/ypresto/androidtranscoder/format/ExportPreset960x540Strategy.java
nl/xservices/plugins/GooglePlus.java
ve/com/sigis/plugin/applicationPlugin/App.java
ve/com/sigis/plugin/bridge/Bridge.java
ve/com/sigis/plugin/location/SLocation.java
ve/com/sigis/plugin/location/TimeoutHandler.java
ve/com/sigis/plugin/location/locationPlugin.java

No: 4
Issue: SHA-1 is a weak hash known to have hash collisions.
Severity: warning
Standards: CWE: CWE-327: Use of a Broken or Risky Cryptographic Algorithm; OWASP Top 10: M5: Insufficient Cryptography; OWASP MASVS: MSTG-CRYPTO-4
Files:
nl/xservices/plugins/GooglePlus.java

No: 5
Issue: Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
Severity: warning
Standards: CWE: CWE-312: Cleartext Storage of Sensitive Information; OWASP Top 10: M9: Reverse Engineering; OWASP MASVS: MSTG-STORAGE-14
Files:
com/adobe/phonegap/push/FCMService.java
com/adobe/phonegap/push/PushConstants.java
de/appplant/cordova/plugin/badge/BadgeImpl.java
net/gotev/uploadservice/extensions/ContextExtensionsKt.java
nl/xservices/plugins/GooglePlus.java

No: 6
Issue: App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
Severity: warning
Standards: CWE: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'); OWASP Top 10: M7: Client Code Quality
Files:
io/sqlc/SQLiteAndroidDatabase.java

No: 7
Issue: The App uses an insecure Random Number Generator.
Severity: warning
Standards: CWE: CWE-330: Use of Insufficiently Random Values; OWASP Top 10: M5: Insufficient Cryptography; OWASP MASVS: MSTG-CRYPTO-6
Files:
de/appplant/cordova/plugin/notification/Builder.java

No: 8
Issue: App can write to App Directory. Sensitive Information should be encrypted.
Severity: info
Standards: CWE: CWE-276: Incorrect Default Permissions; OWASP MASVS: MSTG-STORAGE-14
Files:
com/adobe/phonegap/push/FCMService.java

SHARED LIBRARY BINARY ANALYSIS

NO | SHARED OBJECT | NX | STACK CANARY | RELRO | RPATH | RUNPATH | FORTIFY | SYMBOLS STRIPPED

1 | armeabi-v7a/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
2 | x86/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
3 | arm64-v8a/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
4 | x86_64/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
5 | armeabi-v7a/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
6 | x86/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
7 | arm64-v8a/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)
8 | x86_64/libsqlc-ndk-native-driver.so | True (info) | True (info) | Full RELRO (info) | None (info) | None (info) | True (info) | False (warning)

Descriptions (the same for all eight shared objects):

NX: The binary has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.
STACK CANARY: This binary has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.
RELRO: This shared object has full RELRO enabled. RELRO ensures that the GOT cannot be overwritten in vulnerable ELF binaries. In Full RELRO, the entire GOT (.got and .got.plt both) is marked as read-only.
RPATH: The binary does not have run-time search path or RPATH set.
RUNPATH: The binary does not have RUNPATH set.
FORTIFY: The binary has the following fortified functions: ['__memcpy_chk', '__strlen_chk', '__memset_chk']
SYMBOLS STRIPPED: Symbols are available.

NIAP ANALYSIS v1.3

NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION

ABUSED PERMISSIONS
TYPE | MATCHES | PERMISSIONS

Malware Permissions | 9/24 | android.permission.INTERNET, android.permission.WRITE_EXTERNAL_STORAGE, android.permission.WAKE_LOCK, android.permission.ACCESS_COARSE_LOCATION, android.permission.ACCESS_FINE_LOCATION, android.permission.GET_ACCOUNTS, android.permission.READ_EXTERNAL_STORAGE, android.permission.ACCESS_NETWORK_STATE, android.permission.VIBRATE
Other Common Permissions | 2/45 | android.permission.FOREGROUND_SERVICE, com.google.android.c2dm.permission.RECEIVE

Malware Permissions:
Top permissions that are widely abused by known malware.
Other Common Permissions:
Permissions that are commonly abused by known malware.

OFAC SANCTIONED COUNTRIES


This app may communicate with the following OFAC sanctioned list of countries.

DOMAIN COUNTRY/REGION

DOMAIN MALWARE CHECK

DOMAIN | STATUS | GEOLOCATION

github.com | ok | IP: 140.82.121.4; Country: United States of America; Region: California; City: San Francisco; Latitude: 37.775700; Longitude: -122.395203
stackoverflow.com | ok | IP: 104.18.32.7; Country: United States of America; Region: Texas; City: Dallas; Latitude: 32.783058; Longitude: -96.806671
www.googleapis.com | ok | IP: 216.58.209.170; Country: United States of America; Region: California; City: Mountain View; Latitude: 37.405991; Longitude: -122.078514
api.whatsapp.com | ok | IP: 157.240.205.60; Country: Netherlands; Region: Noord-Holland; City: Amsterdam; Latitude: 52.374031; Longitude: 4.889690
ws.patrullajeinteligente.org | ok | No Geolocation information available.


EMAILS

EMAIL | FILE

someone@domain.com | nl/xservices/plugins/SocialSharing.java

HARDCODED SECRETS

POSSIBLE SECRETS

"google_crash_reporting_api_key" : "AIzaSyA4CdcjGDalCbjuN0LDpZkcYyUoCwXFXZ8"

"google_api_key" : "AIzaSyA4CdcjGDalCbjuN0LDpZkcYyUoCwXFXZ8"

PLAYSTORE INFORMATION
Title: Cuadrantes De Paz

Score: 3.6666667
Installs: 100,000+
Price: 0
Android Version Support:
Category: Tools
Play Store URL: com.cuadrantesdepaz.app

Developer Details: Cuadrante de Paz, 6917688288423202871, None, https://www.cuadrantedepaz.org/, geosintt@gmail.com,

Release Date: None
Privacy Policy: Privacy link

Description:

You will be able to know the peace quadrants where you are and make reports of events that occur near you

Report Generated by - MobSF v4.0.5


Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment
framework capable of performing static and dynamic analysis.

© 2024 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.
