Overview

overview

10

Static

static

6

24827c0697...3d.apk

android-9-x86

10

24827c0697...3d.apk

android-10-x64

10

24827c0697...3d.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    142s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    12/11/2024, 22:03 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    24827c06979c9d368c7d91aca9319998e6dc71a799f2e814b23f6c19fbb6c73d.apk

  • Size

    275KB

  • MD5

    1378fa7e03abae063e2ee9104436a091

  • SHA1

    4d056d4709a42ac2a12e92b49a069cf66c5c206e

  • SHA256

    24827c06979c9d368c7d91aca9319998e6dc71a799f2e814b23f6c19fbb6c73d

  • SHA512

    96558fe691ef243687063fcd94aeaec36433057cebb4856049322a8787291e0dd738f8cb3f27a215e91a5c281cbd7f9594614ef673a1d88abdb5a3a52384f693

  • SSDEEP

    6144:71q33cxqyCfO0Vel/MPPZS4mkOpW9HfWdvnqTCThnYMagt9:pS+pCfO0OGPZSK59HfWdSTCdnYZg3

Score
10/10
xloader_apkbankercollectiondiscoveryevasionimpactinfostealerpersistencestealthtrojan

Malware Config

Signatures

Processes

  • com.dbgh.rypt
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests changing the default SMS application.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4509

Network

  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.178.14
  • flag-us
    DNS
    docs.google.com
    Remote address:
    1.1.1.1:53
    Request
    docs.google.com
    IN A
    Response
    docs.google.com
    IN A
    216.58.201.110
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:05 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-zuD3fz-u-uVx9yhAbwYK3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0HlUVEcWBvDyvbrlQgPdqKgoCIILCkYQoyMCQtM9gBtxoZ4kakCQY3QgIpqocY1jJijjARdcQ7Mjbaujw7jFLSqKwShRSYKJ27iFJY5oC0IC8-WP37lV59ap-ur2uO3q0hbHNgvJpnSTLA9WOUj2GdjgmE6ycL1kheDhItnQ3pIZ4RIkuEp2ro9kfn3RhylukvXtL1ncAMmKPCRbOFCy9kGSJXlLphsimTuchfbhkjn6SWaAMhjhL1nOSMk2BUhmHiNZJuyAznclmzZWslvjJHsMYaGSvTcLGTTJxsLNeMkeQN5cyX5IkOwZdE-SrB_cSZYsaJFkkdCwDG-C_6fIDj-uk-w5lK2X7AR8t0GyexD5uWQzYVyWZFGQuVOyPTA4V7Ix0LFLMqfdkm3Yh7ywIQ8V_CySTYC9RZJZ4ZpNsjrodUQyHzhZIVkV_HJGsibwqpQsAFZDFkRflWw2hH-L_4G5GjOE3XAAht-UbDxU1Ep2GV6B-oNk__xJsq-guA49OAlV8M09yb4Hj4eSjYTcx5KVgvMTyQbCUfgGKqEWnj2XrAUSmyVLh6fwBhKdNXYeboJOr7EB8KyPxmLcNBYP-iCNecK8dzW2DE7Dt7DnLxorh1p4Ct2naCw0VmNTYTtsmqGxnXBc09jDeI2tn6OxbAhP0Nh7cCFRYzWgX4r7YWaGxrat0dhe-BkeQzuoazW2EbbARfgWfoQH0AR2uN-7hsUPb1ASYcsHL5XtUJfyUnkEf7_4UsmClEfNShr0e-eV4gWxca8UDQ6PtCvH4cIou5IdYFd2g0eUXRkCs1bblTkwYJ1d8YE-G-zKQHhzyq50wL7LdqUIqha1KDWwYkKrsh60kFblQ4hf0KokwunMVuUiVM96q9yGsaveKmHgcu2t4gbdb75VDBDs0qYYod_nbYoXZG5uU3L-ZGlT9kDKnt-VNNg4vUPZAm86O5QO-HpAp3IJZi7qVD6AUSs6lXGgrOxUekBROlMPQt0Dpj6CHQVd1KiiLmosDMxS1KFwxaKoN6DyEtaqqt4AT19VHQanp6vqRZg3S1VToGKTqp6HtEuq-gk0P1HVNljWg6uXPbl6HRp_G89fg0vLeO4G2fXBfDd8-Vswz4bm18G8De5Om8Bdd03gHvDw4AT-K6S4hfA0qPYN4Z7jQvgwyMwN4TvA2SeU94Hlo0P5GjibFMorYW1qKP8CaimM34MpW8P4LOi4GsZFVRg_UBPG_wX9gyZyb2DaRN4NXNzDuRu0R4VzER3O82PC-QG40RjO78O5pnB-BUREBHeCF6si-OGyCH4Oqq0R_Db0tkVwdxijM_IQuAc-fYzcD-pjjbwZznxs5JfhxXIjb4G3nxl5l9VGXnfYyB_Bk6NG3gSrbhn5ZpjTYOTJ4P7SyAeD2SuSTwX7oEhO3pH8Uy2S_wN27o3kJdBYGslfQ_CbSG6EaSBhNiTAMTgNt9xN_C78PMTEG2H0UBM3gjrcxHvC-34mPh9uL8QZ2L_ExIth4nITj4Ie2SbuAvNtJr7xrIlvga-umHj49yYeDQefmvi_YbajmSfAGU8zvwyLx5h5BjwZa-Z2eDXPzNuhLcHMeySa-eitZh4Meb2j-FVIdY_ia2AD5MCIuCg-GnJSorh3bRR_v2c0nw9VvaL5T3C6bzSvhK4ro7kzJHWN4Yshs0cMzwHrtDzqOSOP-sOl43lUDT2r88gbin_Jowp4p7uFwsAz3kLDoF-yhbz-tM5CAfBwm4U-KbTQ_lMWKobU0xZaDiHnLGQCx9cW6g0Zbyy0EcpbLXQU1r6fT1th6Nx8-m5_Pt2D9BP5tBKGX8-nQJjamU9x8OCDAnoOun0F1AsG7y8gfygrKqAjUNNcQNvSC2kv5GUX0mFoaygkpbGQFr4opCXAlSLqBfGLiygRqj2K6Tb4phZT8cZiskFtTAl1TiqhrpNL6MttJXTtWAnVwYkzJXQRDt0pof-AU14pucJsWyklwIX_llINZA8sI9cJZTQEbqwvozoQFWXkBNNzy2kOVD0tpxoIrS8nM7j-Xk4ekP9HOR2Ak_2tdAG-8rfSAbgeY6U74D7VSoOBxVqpG3QmWalrspV811gpCAbvtJI_5FRYqQBWZB6kjTDs8kEK8bWRCbxH2GgE5I6xUSkc_chGp2DyChvNhKulNroJjids1BuWnrTRKvBst9EosE45RMdg0PxDNBzsaYeoOLSebLAvuZ6KwDWtnoZAaVY9HQajoYF8pjVQEKTNaaBPwKuqgfzgzU8N1AHazw30IQwIayQf-J9spFYwn2qkqbDkfCOtgJYLjdQJE32bKBa6T2oiAwye3UT-ELinicZD0_km-gOcfV_SQJi-tpkk2GIcxFFImu4gMqBNOghFcxDXsh1EHTx87CB-hZlvHcSMNgehwQA3nfCBvwbohISyVJ04AlNzdSIOUnbpRBrc2q0Td-HVXp1ohc59OuG8XyfO3teJSshLdxSlEFXhKGKh_rijaIa4rx2FzwIn4QfdtjoJPTifw_6SkwiCukBn8Qj-WOAs9j9xFsGvnIURJrnpxQw4MlkvlizSi9oDenEX5tbrxQKwtejFUchs14sc-MJgELnwwtcgWuD5OINohfgUg_gItmcZRBHcrjSIxxB5zSAmw_pfDWKu3kVYgl1EMfRPcBHeEJzoIqZBMhSN6ykOwpxbPYWLrtud_Bsnhf58zvorXdwcpqQlLlycHJGwdOH8Qb7JSQsz0tKXjkxKm7_sb8mpGUv9F6SnpWYkpybNCxwVGBQQMGrMyFGB8z4O_D-xTiZT&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CPW7r6rm14kDFUvu0gQdxZc7bw&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=1aw_u2MMmXxMh51XQ7OadLu1ZNJ8BC4-grwqoaKAmzGL9MLcW2ZM6v3F7sMS4qOeni2YQGtAYBB6Lm8RFG6EPbFW-IeLiIPAKGb6WZZCJz2HKUuDlhEIE1RHPcvDmm-E6NV3Dci10kAM2raFPimuebaVofvUIxEeOpK0aSH7zQ4g-K_K; expires=Wed, 14-May-2025 22:04:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:05 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-_yg9SwhuW-knVuK0txQaQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=Ykz2MceusvLTF3IzyXNP8iGDr5V_9oDHTTrvS45vMeZsj0-FwOll09TbRPjpnHpChvwn9D8jdA0zOTei9p2nc90j83MQV7rFBlhSbbFZ4OLvEdqEI-mKnk5Nq6Nbf_JMFCx_NGfDu25NlIDtSMINe9KpO0SbyxaPA1DVJC0tpCnXB70F; expires=Wed, 14-May-2025 22:04:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:08 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-U-NElLnhIrzxmWP9y_Rnqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0HlUVEcWBvDyvboVlUa6wSUiIAioKBhBjEYEhKZ7wA3iQj1J1LDJMToQEfe4xpgJ0fGAUdxp9qVtdXQYt7jFJWIwQlwS0Rh11ChLHNEWxATmyx-_U1Wn7qn71e1-r7dzezz7Skg2qatk-fCpg2Q2OKyTrBoi9JIVgYezZIN6SWaE85DYW7LTfSTzf1uyCpjkipp-ksW7SVbsIdnc_pKt9pLszQDJUrwl0w2UzB1OwZshkjn6S2aAchgaIFnuMMk2BEpmHilZNmyFznclix0l2bXRkj2E8DDJ3p-OHJpko6A2QbJ7kD9Lsp8SJfsNuqVI1hdupEoWPE-yKGhchJ4QsBT54ec1kj2B8rWSHYUf1kl2F6I-k2wajN4kWTRkb5NsJ_jmSTYSOrZL1mOHZOt2Iy-sy8cK_hbJxsKuYsmscAFuwGWbZPXQ86BkPnCsCjOFX05K1gxeFyULhJWwCWIuSTYDIr7HP8Fcg3nCDqiAobWShcDJ65Jdgaqb6AUvQP1Jsn_ekmwvlNTjDo5BNXx7V7IfweO-ZMMg76FkZeD0SLL-cAi-hYtwE357IlkrJLVIlgmP4RUkOWnsDNSCTq8xN_itj8bGu2osAfTBGvOE2e9qbBGcgO9h53saq4Sb8Bi6TdJYWJzGJsPXsGGqxrbBEU1j9xM0tnamxnIgIlFj78PZJI3VgX4h3odpWRrbskpju-AOPATf1RoLgFiQcA6-hwfQAM1gh1971bGEIY1KEmz88LnyNdSnPVcewOfnniubIO1Bi5IBfd95oXhBXPwLRYMDw-zKETg73K7kBNqVHeARbVcGwvSVdmUmuK2xKz7QZ51d6Q-vjtuVDth9wa4UQ_W8VqUOlo1tU9aCFtqmfAQJc9qUJDiR3aacg5rpr5XrMGrFayUcnC-_VlyhW-1rxQAhzu2KEfp-1q54QfZX7UruXyztyk5I2_mHkgHrp3QoG-FVZ4fSAd-4dSrnYdq8TuVDGL6sUxkNyvJOpTsUZzJ1H9TfY-oD2FrYRY0u7qLGQf9NijoIvrMo6lW4eB57VVWvgqefqg6GE1NU9RzMnq6qaVC1QVXPQMZ5VV0CLY9UtR0WdefqBU-uXoGm38fwl-DcOoa7Qk5DCN8BX_4ewnOg5WUIb4fbsWN57-1juQfc3zeWP4U011CeATV-odxzdCgfDNl5oXwrOPmE8T6weEQYXwWnUsL4RVidHsa_gJsUzu_CpM3hfDp0XArnojqcV9SF839Bv-Bx3BuYNo53BTf3CO4Db6IjuIiJ4AXjI3gFXG2K4L_C6eYI_h2IyEjeA56tiOQHyiP5aaixRvLr0MsWyd1hpM7IQ-Eu-PQxcn9oiDPyFjj5iZFfgGeLjbwVXn9q5F1WGnn9ASN_AI8OGXkzrLhm5F_BzEYjTwX350buC2avKD4Z7AOiOHlH8aVaFP8HbNsVxUuhqSyKv4TAV1H8PYgFCTMgEQ7DCbjmbuK34c5AE2-CEYNM3AjqEBN3gQ_8TTwZrs9FDexZYOIlMG6xiUdD9xwTd4Zkm4mvP2XiG2HvdyYe8aOJx8C-xyb-b5jhaOaJcNLTzC_A_JFmngWPRpm5HV7MNvM30J5o5t2TzHzEZjMPgfxe0fwSpLtH81WwDnJhaHw0HwG5adHc-2Y0_8AlhidDdc8YfgtOvB3DL8Jby2O4E6S8NZ7Ph-zu43kuWGPzyWVqPvWD80fyqQZcavLJG0p-yacqeKebhcLBM8FCg6FvqoW8_rLGQoFwf4uFlhRZaM9xC5VA-gkLLYbQ0xYygeNLC_WCrFcWWg-VbRY6BKs_KKDNMGhWAf2wp4DuQubRAloOQ64UUBBM7iygeLj3YSE9Ad3uQuoJvnsKKQDKiwvpINS1FNKWzCLaBfk5RXQA2huLSGkqornPimgBcKWYekLC_GJKghqPEroOfuklVLK-hGxwc3wpdU4opbcmltKXW0rp8uFSqoejJ0vpHOy_UUr_AZ5fRjqYYSujRDj73zKqg5z-5dR7bDkNhKtry6keRFU59YApeZU0E6ofV1IdhDVUkhl6_1FJHlDwZyVVwLF-VjoLewOsVAHuk63kCyzOSl2hW6qVDOC3ykrB4LvNSgGQW2WlQliWvY_Ww-AL-yjUz0Ym8B5qo6GQN9JGZXDoYxsdh4nLbDQNLpXZqBYcj9qoFyw8ZqMV4PnGRsPBOmk_HYYByftpCNgz9lNJWAPZYHdqAxVD74wGGghlmxroABgNjeQT20jBkDGzkZaAV3Uj-cOrW43UAdqdRvoI3MKbyAf-J5uoDczHm2gyLDjTRMug9WwTdcI4v2aKg24TmskAvjOaKQCCdjbTGGg-00x_gt7vOXnClNUtJME23kEcgpQpDiIL2qWDUDQHcTnHQdTD_YcO4ilMe-0gprY7CA3cXHXCB_4WqBMSytN14iBMztOJeEjbrhMZcG2HTtyGF7t0og06d-uE0x6dOPWrTlyE_ExHUQbRVY4iDhqOOIoWiP_GUfjM6SH8oevmHkIPTqdxPt9DBEN9kJN4AH_OcRJ7HjmJkBdOwggTXPViKhycqBcL5unFnQq9uA-zGvRiDpS16sU-yH6jF7nwhcEg8uCZn0G0wpPRBtEGCWkG8TFs2WQQRRB12SAmwtqnBjFL7yxKQ5yFFfolOgtvCElyFrGQCsm1ziJ3qYvYCQPrXMTMay7CWdf154Krx4S-bW_Z-i6uDpMykubOT41MXDg3eYBfasrcrIzMhcNSMpIX_T01PWthwJzMjPSs1PSU2UHDg4IDA4ePHDY8aPYnQf8HZiMpCA&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CKn83avm14kDFUvu0gQdxZc7bw&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    Content-Security-Policy-Report-Only: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-U-NElLnhIrzxmWP9y_Rnqw' 'unsafe-inline';worker-src 'self' blob:
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=Lw8lh-2QANQJ_u6VadZnTnUlZ3S4OMo08aBmfOme0ZyslYh5U32ZuH51Acr18saLK5R2ZD7fxXT1ZCYvJrud33LT1GJ-gzsdMgs5UmLMJewMH2fiIJooQe02WFC0_xxz5_sFARZ-Nbrdh4tOjB_Y-8vGuB5mFcuCiwPhTrq9aYm9RNdf; expires=Wed, 14-May-2025 22:04:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    172.217.169.72
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:08 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-zSeA7hQwDb9ZQtnriZPxyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=3P4ChZKXIeSl_C_0gQ26y7qbfNZPsh4zU_Jr3aLyhHAfvDjIqL6H5qjKSQtSulWmzhYIP7Q3Kn5kbNF0qYiTSQTRrJk3xzTQg8U_iYJUWzTY9u7NP8NoocI_oBZSO9On0AzJGpVJzGGAVZxW-UceWt2Dd18eqwbcPCGUHxbNKBQispw; expires=Wed, 14-May-2025 22:04:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:13 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-H_4YuB2dXzBws7SFCK5jrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0HdU1FcWB_Dn7_fuszDIDLaIgihYUDCCGF0REIaZgJVYeD-xBQQ5RhciYo81xmxQ1wNGsc_Qyzjq6nJssUXFRqJGQ1ZMbGul6IoOIETYb_74nPfuuefc972vw52urk0xbJOQbHw7ySyw0kmyr8AOR3WSheklywUPV8n6d5HMCBchrqtkZ7tJ5vuRZMUw3k0yzx6SxfSULM9Dsnm9JGvuI1mCl2S6fpK5wxloHiiZs69kBiiCQX6SZQ6WbKO_ZOZhkqXDdmj9RLKJwyW7PUKyJxAaItlnU5FBk2w43IyV7CFYZkn2W5xkz6F9gmTd4ddEyQLnSxYB1YvxJvgtQ3b4z1rJXkDROsmOw8_rJbsPEV9LNgVGbJEsEtJ3SLYb-mZJNgxadkrWcZdk6_ciL6y34ARfq2SjYE-eZDa4ZpesEjoflswbTpRKdhXun5bsFfQuk8wfVsEWiLoi2TQIu479wFyOP4RdUAwDb0o2EkorJLsEb0H9TbJ_3pVsP-RXogcn4Cr8eF-yX8DjkWSDIeuJZIXg8lSyXnAEfoQyqIDnLyRrgPg6yVLhGdRDvIvGzsFN0Ok11hOed9PYGDeNxYI-UGOeMPsTjS2GU3Addv9NYyVQAc-g_XiNhURrbAJ8Dxsna2wHHNM09ihWY-tmaiwDwuI09hmcj9fYLdAvwnyYkqaxbas1tgeewStoBnWNxnqAF1yA6_AYqqAWHPCgyy0WO7BaiYfNM94o30Nl0hvlMXxz4Y2yBZIe1ykp0P3jt0pviI55q2hwaLBDOQbnhziUDH-Hsgs8Ih1KP5i6yqHMhJ5rHYo3dFvvUHpB_UmH0gJ7LzmUPLg6v0G5BctHNSrrQAtuVD6H2LmNSjycSm9ULkD51PfKHRi-8r0SCq7X3itu0P7me8UAQa5NihG6f92k9Ib0TU1K5l-sTcpuSNr9p5ICGya1KJuhvrVFaYEferYqF2HK_FZlBgxZ3qqMAGVFq9IB8lKZegAqHzL1MWzPaaNG5rVRo6HXFkXtD5etinoDyi7irqrqDfD0UdUBcGqSql6A2VNVNQlKN6rqOUi5qKpLoe6pqjbB4g5cveTJ1Z-g5tVI_g5cG0ZyN8ioCuK74LtXQTwD6t4F8Sa4N3EU77pzFPeARwdG8ZeQ5BbMU6DcJ5h7jgjmAyA9K5hvBxfvEN4NlgwN4avhTEIIL4M1ySH8W6igUH4fxm8N5VOh5UooF1dDefGtUP4v6BE4mnsB00bzduDqHsbdoDkyjIuoMJ49JowXw42aMP4AztaG8csgwsN5R3i9MpwfKgrnZ6HcFs7vQBd7OHeHYTojD4b74N3NyH2hKtrI6-D0l0Z-CV4vMfIGeP-VkbdZZeSVh4z8MTw9YuS1sPK2kW-CmdVGngjub4y8L5h7R_AJ4OgTwckrgi_TIvg_YMeeCF4ANYUR_B0E1UdwI0wECdMgDo7CKbjtbuL34Pd-Jl4DQ_ubuBGm-5r4HLgzDz3Yt9DE82H0EhOPhA4ZJu4Kc-wmvuGMiW-G_ZdNPOwXE4-CA89M_N8wzdnM4-C0p5lfggXDzDwNng43cwe8nW3mzdAUZ-Yd4s186FYzD4Kwxk95FFi6RPIrkOweyVfDesiEQTGRfChkJkVyr4pIPr1TFJ8DVztH8btw6qMoXgZtV0RxF0hoO4YvgPQOY3gm2CZaqNNkC_WAi8csVA6vTlioHjqVW8gL8v-wUCl83N5KoeAZa6UB0D3RSr3_stZK_vBom5WW5lpp30kr5UPyKSstgeCzVjKB8zsrdYG0eittgJJGKx2BNdOzaSv0n5VNP-_LpvuQejybVsDAn7IpACa0ZlMMPJyRQy9AtzeHOkPffTnkB0V5OXQYbtXl0LbUXNoDloxcOgRN1bmk1OTSvNe5tBC4kkedIXZBHsVDuUc-3QGf5HzK35BPdqgYU0CtYwuo7bgC-m5bAV07WkCVcPx0AV0AbikkHUyzF1IcnP9vId2CjF5F1HVUEfWDG-uKqBJEaRF1hElZJTQTbj8roXsQUlVCZuj6Zwl5QPaHEiqGEz1sdB72-9moGNwn2KgvsGgbtYPWBBu1TbSRz2obBULfHTbyg8xSG-XA8vQDtAEGXDpAwT52MoHXIDsNgqxhdiqEI1_Y6SSMW26nKXCl0E43wfm4nbrAohN2WgmezXYaArbxB-ko9JlzkAaCI-Ug5YdUkR32JlZRHnRNqaJ-ULilig6B0VBN3hOrKRBSZlbTUuh9tZp8of5uNbWA9ns1fQ49Q2vIG_4na6gRzCdraAIsPFdDy6HhfA21QkB5DY2E0T61FA3tx9aSAfpOqyU_CNhdSyOh9lwtfQAXnzfUCyatqSMJ9jFO4ggkTHISadAknYSiOYlrGU6iEh49cRIvYcp7JzG5yUlo0NNNJ7zhU3-dkFCUrBOHYUKWTsRA0k6dSIHbu3TiHrzdoxON0LpXJ1z26cSZBzpRBpZUZ1EIkaXOIhqqjjmLOoj5wVl4z-0ofKHd1o5CDy5nUV_sKAKhMsBFPIYPc13EvqcuIuitizDCWDe9mAyHx-nFwvl6UVGsF_dgVpVezAV7g14cgfRmvciEbw0GkQWvfQyiAV6MMIhGiE0yiC9g2xaDyIVfywziKURcM4hxsO6lQczSuwprkKvIhx5xrsILguJdxURIhMxlncRumHm7k3DVtfsj-8YJob_y5G5WGzen8Snx8xYkhsctmjenj09iwry0lNRFgxNS5iz-e2Jy2iK_uakpyWmJyQmzA4YEBPr7Dxk2eEjA7C8D_g9bSSk9&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CIXoka7m14kDFZHL0gQdEyYuhg&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=ywSeb4Zu5zaR1wA7GXDTeFlL_aPWk2AW6IEPRZPLqng4YXjEle5OETsq-CXwRYlikjAnOcP9-c0RNlqugp8EI_gEghf6ZboGAfOFbWzUjZ4i0_6LtQc9U4fabpMWyHx3ZBVSvzKOOFOm5lHVwxplF4DGxtlWvTEJQcw7jn0YNbb0dFs; expires=Wed, 14-May-2025 22:04:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:13 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-IcIpTK6NYiwvzcJxpnRufg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=rFwn6rs7fSqs_p1IDz8Zx1TEuiKW2RJ4SAJ8_xD6nt4RYXy4A00Ya3KMqni4rm2FuXw8Grd6uHX_3fhhPGYlBLXweEe8xtYIwhvV6zxlh_suuRa7AN8fitHS2GLd_hgjgBFyDVUupP1tPylbyFrVgvJUKcqrBnZj18bEtpJdQNnTKnI; expires=Wed, 14-May-2025 22:04:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:22 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-7tyvngSbH_ivbMe3qmUKaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0XtYzdkaB_Dlt9e7XNrV3psYqUSFKKNkOFKp3d6ncmtcWj8RU0qP4dRIGAyDMc4RjqcMube7x7Zxcnrcxm2QW4aGMSOO23HtwhFbF6POd_74PGu9z_s8a72XLpe6G1rj2Hoh2bhOkuXBMgfJvgEbHNZKdhnCdZIVgodBsv4ukhnhPCR2l-x0D8n8PpGsFMa5SubWS7I4N8mKPCSb01uyD30lS_aSTNtPMnc4BR8GSuboJ5keymCQv2Q5gyVbGyCZeZhkWbAF2j-TbMJwyW6OkOwJhIVK9vkU1KBKNhxuxEv2EPJmSPZbomTPoXOyZD3h1xTJguZKFgl1C_EnDP4aMfy-UrIXULZKsqPw82rJ7kPkd5JNhhEbJYuCrK2S7QCfXMmGQds2yZy2S7Z6F-qF1Xk4wc8i2SjYWSSZFa7YJKuBbock84ZjFZgj3D8p2SvoUylZACyHjRB9SbKpEH4V_YG5CjOE7bAXBt6QbCRU3JbsArwFzW-S_fOOZHuguAY5OAaX4af7kv0CHo_QM-Q-wX7A-alkvaEcfoJKuA3PX0jWBEmNkmXAM3gPSc4qOwM3QKtTmRs876GyGFeVxYMuSGWeMPMzlS2EE3AVdvxFZfvgNjyDzuNUFhqrsvHwA6ydpLKtcERV2aN4la1KUFk2hCeq7HM4m6SyatAtwPswOVNlm1eobCfcgyfwBlrA51uV-cM5uAq_w0NoADs8cKlm8QPrlCTYMP2N8gPUpL5RHsP3594oGyH1caOSDj0_fav0gdi4t4oKBwfblSNwdohdyQ6wK9vBI8qu9IMpy-1KArittCve0GO1XekN74_blTbYdcGuFMHluU1KNSwZ1aysAjWkWfkC4mc3K0lwIqtZOQdVU1qUWzB8WYsSBoYrLYordL7Rough2NCqGKHnd61KH8ha36rk_MnSquyA1B1_KOmwZmKbsgHet7cpbfCjW7tyHibPbVemw5Al7coIUJa2K12gKINp9kPNQ6Z5DFsKOmiiijpoYqH3RkXTHy5aFM11qDyPu0ajuQ6evhrNADgxUaM5BzOnaDSpULFWozkD6ec1msXQ-FSjaYWFXbjmgifXXIP6VyP5OzA0jeSukF0bzLfDulfBPBsa3wXzVrg7YRTvvm0U94BH-0fxl5DqGsLToco3hHuOCOEDICs3hG8BZ-9Q3gMWDQ3lK-BUciivhHVpoTwbblMYvw_jNoXxKdB2KYyLy2F8b3UY_xf0ChrNvYCpo3knMLiHc1f4EBXORXQ4z48J53vhen04fwCnG8L5RRAREdwJXi-L4AfLIvhpqLJG8FvgYovg7jBMa-QhcB-8exi5H9TGGnkjnPzKyC_A60VG3gQt3xh5h-VGXnPQyB_D03Ijb4BlN418PSTUGXkKuL8xch8w94nk48HeN5KTVyT_Wo3k_4CtOyN5CdSXRvJ3EPw-khthAkiYColwGE7ATXcTvwv3-pl4PQztb-JGmOZn4rPg1hzkYPd8Ey-G0YtMPAq6ZJu4AWbZTHzNKRPfAHsumnj4LyYeDfufmfi_YaqjmSfCSU8zvwDzhpl5JjwdbuZ2eDvTzD9Aa6KZd0ky86GbzDwY8lyi-CVIc4_iK2A15MCguCg-FHJSo7jX7Sg-rWs0nwWXu0XzO3Dik2heCR2XRnNnSO4Yw-dBVpcYngPWCXnUdVIe9YLzR_KoCrpW5ZEXFP8njyrg084WCgPPeAsNgJ4pFurzp5UWCoBHmy20uNBCu49bqBjSTlhoEYSctpAJHN9ZyAUy31toDexrtlA5fDstnzZB_xn59PPufLoPGUfzaSkMvJZPgTC-PZ_i4OH0AnoB2l0F1A18dheQP5QVFdAhqG4soM0ZhbQT8rIL6SC01hWSUl9Ic14X0nzgShF1g_h5RZQEVR7FdAt804qpeE0x2eB2TAm1jymhjmNLaN3mErpyuIRq4OjJEjoHTnml1B2m2kopEc7-t5SqIbt3GXUfVUb94PqqMqoBUVFGTjAxdx8lQGjtPjJD9z_2kQfkf9xHe-FYLyudhT3-VtoL12Ks9Cu4j7eSD7BYK3WCzilW0oPvCisFgc9WK_lDToWVCmBJ1n5aAwMu7KcQXxuZwGuQjQZB7jAblUL5lzY6DmOX2GgyXCq10Q1wPGojF1hwzEbLwPODjYaAddwBOgx9Zx2ggWBPP0DFobVkg10ptVQELum15AOlG2vpIBj1deQ9oY6CID2hjhZDn8t15Afv79RRG6j36ugLcAurJ2_4n6ynZjAfr6fxMP9MPS2BprP11A6jfRsoFjqPaSA9-ExtIH8I3NFAI6HhTAN9BGffN9QbJn7bSBJsMQ6iHJInOohMaJUOQlEdxJVsB1EDj544iJcwucVBTG11EDPAzVUrvOGvAVohoSxNKw7B-FytiIPUbVqRDje3a8VdeLtTK5qB7dYKHZx6oBWVkJfhKEohqsJRxELtEUfRCHE_Ogrv2U7CDzptchI6cD6N-LyTCIKaQGfxGD7Odha7nzqL4LfOwghjXHViEhwaqxPz5-rEvb068Qhm1OrEbLA16UQ5ZH3QiRz4u14vcuG1r140wYsRetEMBeF6UQ7xqXrxJWzeqBeFcKtSL55A5BW9GAurXurFDJ1BWIINohh6JRqEFwQnGcQESIGEGwbhXd1VJNzsKgwOnZ7lXz8mdA8P2ae5OoxLT5ozLyUiccGcWX19U5LnZKZnLBicnD5r4d9S0jIX-M_OSE_LTElLnhk4JDAoIGDIsMFDAmd-Ffh_sI4egg&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CKbArrLm14kDFe7J0gQdpO4lCg&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=vps5ia4MSG1VPBTbKiOH-y_yYbcKLC73P5dhekwpxr_un9GRpk367eGddpiVfdCcD9Cv9CqGCqWmOn_KVww_yFTvSaZwXRxldVTf9tROlsl-eiN2Z3lBIg0h1ihbNKLhLxEtVq_BA9khHOVQK7y1bC7Bd3-AtJbHbrgSIxwJQ-SsRMw; expires=Wed, 14-May-2025 22:04:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:22 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-1bnTM089WfRcR7rC6nqd4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=gUrcaSLufkJyZT-2pk8Y-t52D2VWgHAcvylL-iV0vymu_6KfFXRioQWymql5KsHzDNacaEOMTnqb3g2faLuZETAFPjSvOCCv3ouh8xMWjT7lYI3yuoxGOmzQSRCbZN-oNPmzFnU7qP5PqsbDR7TgLaJMm9MZrD1mAIRk8RirnhjTmhA; expires=Wed, 14-May-2025 22:04:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:38 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-eXWNKbom7sXbjsSU3EX62g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0XlQlEcaBvDON_22BwPMoHggIAioKBhBjEYEhGFmARWIB_2BQQOCFKsLEVGjxjNusiFhLTCKN8MNjhONLuUVr3jEA6NEYxRdr_Xk0IiOIEbYJ3_86u2ut6r7ebt7nu3j1JHAvhGSTe4uWTEssZPsc7DCPq1k4TrJysDdSbIhzpIZ4BSk9JHsWF_J_PpJVgWTXSTrN0CyBFfJyt0lyxwo2QpPyd4OkizNSzLtYMnc4Ci8HSaZvZ9keqiG4f6SFY6Q7MsAyUyjJcuDDdD1gWRxYyS7MlayBxAWKtlH05FDlWwMXE6S7C4Uz5Ts9xTJHkOPNMn6w2_pkgXNlSwSmhbiTvD_DPnh-irJnkD1askOwC9rJLsNkV9INg3G5ksWBXkbJdsCPkWSjYbOTZI5bJZszTbkhTXFqOBnlmw8bC2XzALnrZI1QO89knnDwVrJzsHtI5I9A88zkgXAcsiH6LOSJUL4BcwHpjq8I2yGGhh2WbJxcOSqZBeh9ppkp-ElaH6X7N83JNsBFQ3owUE4Bz_dluxXcL8n2QgoeoC_AseHkg2EvfATnIFr8PiJZG2Q2ipZDjyC15DqqLLjcBm0OpW5wuO-KotxUVkS6IJU5gGzPlDZQjgMF2DLhyrbCdfgEfSYrLLQeJXFwnfw5VSVbYT9qsruJalsdbLKCiA8RWUfwYlUldWDbgHOh2m5Klu_QmVb4RE8A5-VKvOHk3ABrsNdaAEb3HGuZ0nDmpRU-PbjF8p30JDxQrkP_zz5QsmHjPutSjb0f_-l4gnxCS8VFXaPsCn74cRIm1IQYFM2g3uUTRkM05fblGRwXWVTvKHvGpsyEF4fsimdsO20TSmHc3PblHpYMr5dWQ1qSLvyCSTNaVdS4XBeu3IS6qa_Ua7CmGVvlDBwOv9GcYEel98oegh26lAM0P-LDsUT8r7pUAr_Yu5QtkDGlj-VbFg7pVP5Fl53dSqd8KNrl3IKps3tUj6GkUu6lLGgLO1SekJ5DtPsgoa7THMfNpS-p4kqf08TDwPzFc0Q-NmsaC7BmVNYazSaS-Dhq9EMhcNTNJqTMGu6RpMBtV9qNMch-5RGsxhaH2o0HbCwJ9ec9uCai9D8bBx_BU5t47gLFDQG883w9bNgXgCtr4J5B9yMG8_7bBrP3eHervH8KWS4hPBsqPMN4R5jQ_hQyCsK4RvA0TuU94VFo0L5CjiaFsrPwMqsUP4VXKMwfhsmrwvj06HzbBgX58J4TX0Y_wEGBE3gXsDUCbw7uLqFc294GxXORXQ4L4kJ5zVwqTmc34FjLeH8ZxAREdwBni-L4LurI_gxqLNE8KvgbI3gbjBaa-AhcBu8-xq4HzTGG3grHPnUwE_D80UG3gZvPjfw95YbeMNuA78PD_caeAssu2Lg30Byk4Gng9sLA_cBk2ckjwXboEhOXpH8MzWS_ws2bo3kldBcFclfQcDrSP4hxIGEREiBfXAYrrgZ-U24NdjIm2HUECM3wAw_I58NVzPRg-3zjbwCJiwy8ijoWWDkTjDbauRrjxr5t7DjZyMP_9XIo2HXIyP_DyTam3gKHPEw8dMwb7SJ58LDMSZug5ezTPwtdKSYeM9UEx-1zsSDodg5ip-FLLcovgLWQCEMT4jio6AwI4p7XYviM3pF89lwrnc0vwGH-0XzM9BtaTR3hLRuMXwe5PWM4YVgiSumXlOLaQCc2l9MddCrrpi8oOK_xVQL7_cwUxh4JJlpKPRPN5PnX1aZKQDurTfT4jIzbT9kpgrIOmymRRByzExGsH9lJmfIfW2mtbCz3Ux7YeWMEloHQ2aW0C_bS-g25BwooaUw7GIJBUJsVwklwN2PS-kJaLeVUm_w2V5K_lBdXkp7oL61lNbnlNFWMBeU0R7oaCojpbmMMp-X0XzgSjn1hqR55ZQKde4VdBV8syqoYm0FWeFaTCV1TaykbpMq6ev1lXR-XyU1wIEjlXQSHIqrqA8kWqsoBU78r4rqoWBgNfUZX02D4dLqamoAUVtNDjClaCclQ2jjTjJBnz93kjuUvNtJNXBwgIVOwA5_C9XAxRgL_QZusRbyARZvoe7QlWahbukW8l1hoSDw2Wghf5haY6EZUFhroVJYkreL1sLQ07soxNdKRvAabqXhUDTaSlWw9-9WOgSTllhpGpytstJlsD9gJWdYcNBKy8DjrZVGgmXy97QPBs3-noaBLft7qghtJCtsS2-kcnDObiQfqMpvpN1g0DeRd1wTBUF2chMtBs9zTeQHr280USeot5roE3ANayZv-EM2UzuYDjVTLMw_3kxLoO1EM3XBBN8WioceE1tIDz6JLeQPgVtaaBy0HG-hd6DzfUEeMGVlK0mwxtiJvZA2xU7kQoe0E4pqJ84X2IkGuPfATjyFaW_sRGKHnZgJri5a4Q1_C9AKCdVZWrEHYou0IgEyNmlFNlzZrBU34eVWrWiHrm1a4bhdK47e0YozUJxjL6ogqtZexEPjfnvRCgk_2gvvOQ7CD7qvcxA6cDyG_SkHEQQNgY7iPryb4yi2P3QUwS8dhQEmuujEVNgzSSfmz9WJWzU6cQ9mNurEHKhq04ldkPdWJwrhK71eFMFzX71ogydj9aIdSsL14gdIzNCLTPguXy_KIfK8XkyC1U_1YqbOSZiDnUQFDEhxEl4QnOok4iAdki87Ce_6XiL5Si_hZNe9reTSQaG7fuUPRxe7ydmpmfPSI1IWZM4e5JuelpmbnbNgRFr27IX_SM_KXeA_Jyc7Kzc9K21W4MjAoICAkaNHjAyc9Wng_wGlJiA1&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CI6us7rm14kDFUvu0gQdxZc7bw&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=H6d0A4cKn2Tubpr21Ez0botYxX5VHYS2Ij3gwuAw7PjiPEs3TCnij4_7hRVwjwzAGbxDtBL0YhQWDL3nYgyIQQXRTpBpJUnoyLhF8idi9IdjXVamnCclHSmSBIkEGDcXx46mYSNioN9CshSpiPySYf5EAmOwjKyo1iTUEq2fw8QfOzlZ; expires=Wed, 14-May-2025 22:04:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    216.58.201.110:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:04:39 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-pjEVmhSKitYbsUnHNz3-MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=iqPI7VlGLZFxvksI1_K-JOwO7UYMHZ5BfZddYqhpML93F65OH-cghGMATeThUddJTsfp3sC38Fwp6Rjspw0taCaz3L04k9mbc625_vgHG34cogLhHG-b-qESuRPPo7WYlz-RdlG1jZJnr2MYT0_TF-NHcp6fUxhfaVWv5-JArsHYQ6I; expires=Wed, 14-May-2025 22:04:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-us
    DNS
    docs.google.com
    Remote address:
    1.1.1.1:53
    Request
    docs.google.com
    IN A
    Response
    docs.google.com
    IN A
    172.217.16.238
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    172.217.16.238:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:05:11 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-pHOXsNg5eC5VkRDSj-ulNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0HlUVEcWBvDyvbrlQgPdKBoREAVUFIwgRkcEhKZ7ADfiQj1xCwhyjA5ERI0a1xjHoI4DRnGn2dG21dHhuMUt7opRI0NGzLiNK4uOaAtChPnyx-9U1bnn1L3361TZ1aU5nq0Xko3pIFkefOMgmQ2O6CS7ChF6yQrB00Wyvq6SGeECJHaV7Ew3yfw_kcwKY9wkc-8hWby7ZEWeks3uKVlLb8mSvSXT9ZHMA05DS3_JHP0lM0AZDAiQLGegZGsDJTMPkSwLtkDbZ5KNGyrZnWGSPYHwMPQcJdk8-HwSZtEkGwq3EiR7CHnTJfs1UbLn0DFZsu7wrxTJgudIFgW1C9AbAr7GDvDvlZK9gLJVkh2Dn1dLdh-ivpVsIgzbKFk0ZG2VbAf45ko2BFq3Sea0XbLVuzA3rM7DCf4WyUbAziLkAddsklVDl0OS-cDxcuQJ909J9gp6XZIsEJbBRoi5ItlkiLiO_cBcgSxhO-yF_rckGw6nKiW7AeVVkl2Et6D-Ktnf7kq2B4qrUYPjcBV-ui_ZL-D5SLKBkPtEslJwfipZTzgMP8ElqILnLyRrhKQGyTLgGbyHJGeNnYVboNNrzB2ed9NYrJvGEkAfrDEvmPGZxhbASbgOO_6ksX1QBc-g4xiNhcVpbCz8AGsnaGwrHNU09ihBY6umaSwbIhI19jmcS9LYbdDPx_8wMVNjm5drbCc8g1fQAuoKjRWCFc7DdXgMNVAPdnjgepsl9K9VkmDD1DfKD1Cd-kZ5DN-df6NshNTHDUo6dP_0rdIL4uLfKhocHGhXjsK5QXYlO9CubAfPaLvSByYtsyvTwH2lXfGBbqvtSk94f8KutMKui3alCK7OaVRuw-IRTcoq0EKblC8gYVaTkgQns5qU81Ax6YNSCUOXflDCweXaB8UNOt76oBggxKVZMUL3b5uVXpC1vlnJ-YOlWdkBqTt-V9JhzfhWZQO8b2tVWuFH9zblAkyc06ZMhUGL25RhoCxpUzpBUQZT90P1Q6Y-hi0F7dToonZqHPTcqKh94bJFUW_CpQu4q6p6E7z8VLUfnByvqudhxiRVTYXytap6FtIvqOoiaHiqqs2woBNXL3px9QbUvRrO34FL43DuBtk1IXw7fP8qhGdDw7sQ3gz3xo3gXbeN4J7waP8I_hJS3UJ5OlT4hXKvYaG8H2TlhvIt4OwTxrvBwsFhfDmcTg7jl2BFWhj_K1RROL8PYzaF80nQeiWci6vhfO_tcP4P6BE8knsD00byDuDiEcHdoCU6gouYCJ4fG8H3ws26CP4AztRH8MsgIiO5E7xeGskPlkXyM1BhjeSV4GqL5B4wRGfkoXAffLoZuT_UxBl5A5z6ysgvwuuFRt4IH74x8nbLjLz6oJE_hqeHjbwelt4x8vUwrdbIU8DjjZH7grlXFB8L9t5RnLyj-NdaFF8HW3dG8RKoK43i78DjfRT3hRAwwjiQMBkS4QichDseJn4Pfutj4nUwuK-JG2GKv4nPhMrZqMHueSZeDCMXmng0dMo2cReYaTPxNadNfAPsuWziEb-YeAzsf2bi_4TJjmaeCKe8zPwizB1i5pnwdKiZ2-HtDDNvgeZEM--UZOaDN5l5COS5RvMrkOYRzZfDasiBAfHRfDDkpEZz76poPqVzDJ8JV7vE8Ltw8pMYfgnaL4nhzpDcPpbPhaxOsTwHrOPyqPOEPOoBF47mUQV0rsgjbyj-Tx6Vw6cdLRQOXgkW6gfdUyzU6w8rLRQIjzZbaFGhhXafsFAxpJ200EIIPWMhEzi-s5ArZL630BrY12Shw1DRI58qYcWUfNoEfafn08-78-k-ZBzLpyXQ_0Y-BcHYtnyKh4dTC-gF6HYVUBfw3V1AAVBWVECH4HZDAW3OKKSdkJddSAehubaQlLpCmv26kOYBV4qoCyTMLaIkqPAspkrwSyum4jXFZIOq2BJqG1VC7UeX0PebS-jakRKqhmOnSug8OOWVUleYbCulRDj331K6Ddk9y6jriDLqAzdXlVE1iPIycoLxuftoGoTV7CMzdP19H3lC_sd9tBeO97DSOdgTYKW9cD7WStfBY6yVfIHFWakDdEyxkgH8llspGHy3WikAcsqtVACLs_bTGuh3cT-F-tnIBN4DbDQAcofYqBQOf2mjEzB6sY0mwpVSG90Cx2M2coX5x220FLxabDQIrGMO0BHoPfMA9Qd7-gEqDqshG-xKqaEicE2vIV8o3VhDB8FoqCWfcbUUDOnTamkR9LpaS_7w_m4ttYL2Wy19Ae7hdeQD_5N11ATmE3U0FuadraPF0HiujtpgpF89xUHHUfVkAN_J9RQAQTvqaTjUn62nj6D3e0NeMH5FA0mwxTqIw5A83kFkQrN0EIrmIK5lO4hqePTEQbyEiR8cxIRmB6GBu5tO-MCfA3VCQlmaThyCsbk6EQ-p23QiHe5s14l78HanTjRB2y6dcN6tE6cf6MQlyMtwFKUQXe4o4qDmqKNogPgfHYXPLCfhDx02OQk9OJ_B-4KTCIbqIGfxGD7Ocha7nzqLkLfOwgij3PRiAhwarRfz5uhF1V69uAfTa_RiFtga9eIwZLXoRQ6sMxjENnjtZxCN8GKYQTRBQqpBfAmbNxpEIURdM4jRsOqlQUzXu4iSEBdhhR6JLsIbQpJcxDhIgR3DOosCmHans3DRdcgtuHlc6F-s-_tR1c1hTHrS7LkpkYnzZ8_s7ZeSPDszPWP-wOT0mQv-kpKWOT9gVkZ6WmZKWvKMoEFBwYGBg4YMHBQ046ug_wOAMyQx&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=COjUisrm14kDFUvu0gQdxZc7bw&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=e95_8riB_T4RAzSJksmiWgQlIFL_iQIjFaxDVvtRh7e67P0kET2HMcC6C0AjEHenC-Q3xrCnkWRsNnL0e_bcVOhoSr4phj_C0rpv02BGsFNrQHpmHB8STRuPn-2zthOaGSmc_Gr2fHRaG5MPB91k-s_GQHhcwSQvpMgy99gaFdObKwIB; expires=Wed, 14-May-2025 22:05:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    172.217.16.238:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:05:12 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-brlw00NfEVFkmJaRQCUphw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=kZG8QEpHtCRn8VUnAB2N0O_I6a4kDwK6iOkS7757EFxUShOO_J7ABC94P7VBLp-a85IMUPuBpROn0rOYXIRYM3LZ5MAulQ6kB9E9ob-FTLDL9XIBsZVL9i8PPX_ZDJEHOZ__DJMeSyTRHZ8rf8pFA01WT9prr7rnSjqO-QmzMDFEwljB; expires=Wed, 14-May-2025 22:05:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    Remote address:
    172.217.16.238:443
    Request
    GET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Robots-Tag: noarchive
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:06:16 GMT
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-G6sCscqeOluWSbvwD8WqHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241105.02_p2&context=eJwV0HlU1dUWB_DT73f2UeQC94JoIiAKqCgaIKRPBITLvQFO5MD5iakxyTJ9kIiWmqZmvSJ9PrDEmcs8XK_69LGccsohUUpJnymZqc-RIRO9gljwvv3xWefstfc6e5_d6_c-rp1JLJZL9qWQbFJPyYrgI0fJbHBAJ1kdROslKwVvV8mGuEtmhDOQ0keyE30lC3wdeZjkgZr-kiV5SlbmLdn8AZK9GiRZuq9kusGSecFxeDVMMqdAyQxQBcNHSFYwUrLPgiUzh0mWB19D95uSTRkt2ZUxkt2DqEjJ3p6BGTTJRsPlZMluQ9EcyX5KkewhOKRL1g_-myFZ6ALJYqF5CXrCyA8Rw_XVkj2CqjWSHYIf1kp2C2I_kWw6jNkgWRzkbZZsG_gXShYGXVskc94q2dodmBfWFuGEQItk42B7mWRWuGCTrBF675PMDw7XYo_wyzHJWmHgOcmCYSVsgPjzks2E6Iv4H5jrsUPYCtUw7LJkY6HqKuaFY_A91F6T7Cw8A_Unyf55Q7JdUN6IHByGOvj2lmQ_gvcd7AAK70lWCS73JRsA--FbOAfX4OEjydohtU2yHHgALyDVRWMn4TLo9BrzhId9NZbgobFk0IdqzAfmvqmxJXAULsK2v2msBq7BA3CYpLHIRI1Nhq_gs2ka2wwHNY3dSdbYmtkay4foFI29DadSNdYA-sV4H6bnamzTKo1th5twD_p_rDFf2ArFcBouwnW4Da1gh1_dG1jysGYlFda_81T5Choznyp34dPTT5UNkHm3TcmGfm88UwZCYtIzRYO9I-3KQTgVZFfyg-3KVvCOsyuDYcZKuzIbPFfbFT_ou9auDIAXR-xKF-w4a1fKoG5Bu9IAy8Z1KGtAi-hQ3oXkeR1KKhzN61BOQ_2Ml8pVGL3ipRIFrhdeKh7gcPmlYoBw107FCP0-6VQGQt6XnUrBXyydyjbI3PaHkg3rpnYp6-FFd5fSBd94ditnYPqCbuUdCFrWrYwBZXm30gvKcpi6GxpvM_UufF3ymhpX9pqaCAM2KOoQ-M6iqJfg3BncVVW9BD4BqjoUjk5V1dMwd4aqZkLtZ6p6ErLPqOoH0HZfVTthSS-unvXh6vfQ8ttY_hxc28dyD8hvCudb4Yvfwnk-tD0P553w85RxvM-Wcdwb7uwexx9DpkcEz4b6gAjuMyaCD4W8wgj-Nbj4RfK-sHRUJF8Fx9Mj-Tn4IiuS58M1iuK3YNLGKD4Dus5HcVEXxasbovi_oX_oeO4LTBvPe4KnVzT3g1dx0VzER_PihGheDZdaovmvcKI1mn8HIiaGO8OTFTF8b1UMPwH11hh-FdxtMdwLwnRGHgG3wK-vkQdCU6KRt8Gx9438LDxZauTt8PIjI39tpZE37jXyu3B_v5G3woorRv4lzG428gzwemrk_mAeGMsng31QLCffWP6hFss_h83bY3kFtFTG8ucQ_iKWG2EKSJgJKXAAjsIVLxP_GW4ONvEWGDXExI2gDjNxN5gVaOJpcHU-amDnIhMvh_FLTTwOeuWbuCuk2Ux83XETXw-7vjPx6B9NPB52PzDx_8BMJzNPgWM-Zn4WFoaZeS7cH23mdng218xfQWeKmfdKNfNRG808HKI73uLxUOQex89DllccXwVroQCGJ8XxUVCQGcd9r8XxWW7xPA3qesfzG3D09Xh-Dnosj-cukN4jgS-EvF4JvACsU4rIbVoR9YczB4uoHtzqi8gXyn8polp4w8FCUeCTbKGh0C_DQgP_stpCwXBnk4U-KLXQziMWKoesoxZaChEnLGQCp-cWcofcFxZaBzUdFtoPH88qpo0wZE4x_bCzmG5BzqFiWg7Dvi-mEJjcXUxJcPudEnoEuh0l1Bv8d5bQCKgqK6F90NBWQptySmk7WPJLaR90NpeS0lJK85-U0iLgShn1huSFZZQK9d7ldBUCssqpfF052eBaQgV1T6igHhMr6ItNFXThQAU1wqFjFXQanIsqqQ_MtFVSCpz6XyU1QP6AKuozrooGw6U1VdQIoraKnGFqYQ3NhroHNdQAkU01ZIY-f9SQNxT_WUPVcLi_lU7BrhFWqobTCVa6CF6TreQPLNFKPcEhw0oGCFhlpVDw32ylETCt2kqzoKDWSiWwLG83rYOhZ3dTRICNTOA73EbDoTDMRpWw_z0bHYGJy2w0Hc5X2ugyOB2ykTssPmyjFeDzykZBYJ20hw7AoLQ9NAzs2XuoPLKJbLAjo4nKwD27ifyhckMT7QWjoZn8pjRTKGTPbqYPYGBdMwXCixvN1AXazWZ6FzyjWsgPfpct1AHmIy00GRadbKFl0H6qhbphfEArJYLDhFYygP_MVhoBIdtaaSy0nmylP8El4CkNgKkft5EEW4Kj2A_pUx1FLnRKR6FojuJCvqNohDv3HMVjmP7SUczsdBRzwNNDJ_zgrWCdkFCVpRP7YHKhTiRB5hadyIYrW3XiZ3i2XSc6oHuHTrjs1Injv-rEOSjKcRKVEFfrJBKh6aCTaIOkb5yE3zxnEQg9NzoLPbicQHzGWYRCY4iLuAt_znMRO--7iPBnLsIIEzz0Yhrsm6gXixboxc1qvbgDc5r0Yh7Y2vViP-S90osC-IfBIArhSYBBtMOjMQbRAcmZBvEefLXBIMog9oJBTIQ1jw1ijt5VVIS7Civ0T3EVvhCe6iqmQAZsG-MmSuDzD93Ev2D2FTfhqut5veTSYaH_fN_2VsXDcVJ26vyFGTEpi-enDQrISJ-fm52zeGR6dtqSv2dk5S4eMS8nOys3Iyt9bkhQSGhwcFDYyKCQue-H_B_rIC6e&build-label=editors.documents-frontend_20241105.02_p2&imp-sid=CMGYgOnm14kDFZHL0gQdEyYuhg&is-cached-offline=false"
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=MZL3sIlNPduLocLPr20cjjBwuOZK0s1PpexEyLn1xdWmdUZnmMGKx2i56TR2iRDdmVVj9llpbSitiJ5bljBLFTv_5oaEOzYGUFOMKxXydwgZ7cwKr-g4N5I4yJWJAjzT43IZw4G2gGr1qjUomSDMEZSOx8Gqeyl_RaRLLNX1btiu_YU; expires=Wed, 14-May-2025 22:06:16 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    Remote address:
    172.217.16.238:443
    Request
    GET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
    Accept: text/html,*/*;q=0.8
    Accept-Encoding: gzip
    Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
    Cache-Control: no-cache
    Host: docs.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Tue, 12 Nov 2024 22:06:17 GMT
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    x-chromium-appcache-fallback-override: disallow-fallback
    Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
    Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-t72F96TEu0FaCo8f85aMEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
    Referrer-Policy: strict-origin-when-cross-origin
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: NID=519=jFcP3bLV3W35KajS__lzIseO_CMrBzMgotC5lvy0enTeFpr2_ylAWgfl3EI3aJZNFJn3jKP3c5if05QMOkq-ae8S9830a_ojd3XFJbRPUBYXcNJ0UAbuaizPWEfQGYxYd2cAnbcncwUHlmamBbeSyPvqnyVa3oSczV0x40Nw-mZiiGc; expires=Wed, 14-May-2025 22:06:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    x-l2-request-path: l2-managed-5
    Transfer-Encoding: chunked
  • 142.250.180.14:443
    tls, https
    695 B
     40 B
     1
    1
  • 142.250.180.14:443
    tls, https
    695 B
     40 B
     1
    1
  • 142.250.180.14:443
    android.apis.google.com
    tls
    999 B
     4.4kB
     8
    6
  • 142.250.178.14:443
    android.apis.google.com
    tls
    5.6kB
     8.8kB
     23
    23
  • 216.58.201.110:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    2.1kB
     20.3kB
     21
    22

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 216.58.201.110:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     11.0kB
     14
    15

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 216.58.201.110:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    2.2kB
     20.9kB
     22
    23

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 172.217.169.72:443
    ssl.google-analytics.com
    tls
    1.3kB
     6.2kB
     8
    8
  • 216.58.201.110:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     10.9kB
     14
    14

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 216.58.201.110:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    1.9kB
     20.2kB
     18
    20

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 216.58.201.110:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     11.0kB
     14
    15

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 216.58.201.110:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    1.9kB
     20.2kB
     18
    20

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 216.58.201.110:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     10.9kB
     13
    14

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 216.58.201.110:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    2.0kB
     20.2kB
     19
    20

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 216.58.201.110:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.8kB
     11.1kB
     15
    15

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 142.250.200.36:443
    tls, https
    849 B
     40 B
     2
    1
  • 142.250.200.36:443
    www.google.com
    tls
    10.9kB
     12.7kB
     26
    35
  • 172.217.16.238:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    1.9kB
     20.5kB
     18
    22

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 172.217.16.238:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     10.9kB
     14
    15

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 172.217.16.238:443
    https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
    tls, http
    2.1kB
     20.2kB
     21
    22

    HTTP Request

    GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic

    HTTP Response

    200
  • 172.217.16.238:443
    https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic
    tls, http
    1.7kB
     11.1kB
     13
    15

    HTTP Request

    GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic

    HTTP Response

    403
  • 224.0.0.251:5353
    3.9kB
     12
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.178.14

  • 1.1.1.1:53
    docs.google.com
    dns
    61 B
     77 B
     1
    1

    DNS Request

    docs.google.com

    DNS Response

    216.58.201.110

  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    70 B
     86 B
     1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    172.217.169.72

  • 1.1.1.1:53
    docs.google.com
    dns
    61 B
     77 B
     1
    1

    DNS Request

    docs.google.com

    DNS Response

    172.217.16.238

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dbgh.rypt/files/dex
    Filesize

    483KB

    MD5

    ae9c12585483e8f440602e44dedfc892

    SHA1

    9605a4070f7c3d7e180c319b3125751233b655ef

    SHA256

    6bae5b64c4d0c9b7777a8ff1d198eff5a89fc4b1e2489e0b13e2751b5e2e33cd

    SHA512

    cf958ae50832841f5921c82a8ac0ed3822afb6361648fb2d2c2cc99a17ff4a22343594e0599836342fd9cbeccc6c05623505f1c0d87197f296d5a917c5e7b33c

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.