Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
150s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
submitted
05/01/2025, 22:05 UTC
Static task
static1
Behavioral task
behavioral1
Sample
83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff.apk
Resource
android-x64-arm64-20240910-en
General
-
Target
83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff.apk
-
Size
305KB
-
MD5
54b1a1a9e2ba31c5a14185d1da28b84c
-
SHA1
33a1be6f4459b84f2719c76ab15cb99f7cc8e783
-
SHA256
83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff
-
SHA512
c10c9181bcedccc8e66ceaa33c619543c97b253c7e9cf03296347465f942e4259102a7ce1932316d17e1c997734199c77b96cf3ab138f0b730f25a920703d59d
-
SSDEEP
6144:wsONyeKf/SNBee3aeJXeqCKYtPVwmqNscZlCbeVyxCdxCa:wzxKf/STeeqe0KY5qKxhkB
Malware Config
Extracted
xloader_apk
http://1.171.162.250:33669/user_info_uploader
https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
-
user_agent
Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36
Signatures
-
XLoader payload 2 IoCs
resource yara_rule behavioral2/files/fstream-1.dat family_xloader_apk behavioral2/files/fstream-1.dat family_xloader_apk2 -
XLoader, MoqHao
An Android banker and info stealer.
-
Xloader_apk family
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
ioc Process /system/bin/su gyys.ue.tp /system/xbin/su gyys.ue.tp /sbin/su gyys.ue.tp -
pid Process 5070 gyys.ue.tp -
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
ioc pid Process /data/user/0/gyys.ue.tp/files/dex 5070 gyys.ue.tp /data/user/0/gyys.ue.tp/files/dex 5070 gyys.ue.tp -
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Reads the content of the MMS message. 1 TTPs 1 IoCs
description ioc Process URI accessed for read content://mms/ gyys.ue.tp -
Acquires the wake lock 1 IoCs
description ioc Process Framework service call android.os.IPowerManager.acquireWakeLock gyys.ue.tp -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description ioc Process Framework service call android.app.IActivityManager.setServiceForeground gyys.ue.tp -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver gyys.ue.tp
Processes
-
gyys.ue.tp1⤵
- Checks if the Android device is rooted.
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Reads the content of the MMS message.
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5070
Network
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponseandroid.apis.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A142.250.179.238
-
Remote address:1.1.1.1:53Requestdocs.google.comIN AResponsedocs.google.comIN A172.217.169.78
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:06 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-j1YCflr-_w_NF4hz6QQCjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0HtY1FUaB_DT73fek8IAM8NNEREEVFQMSJMVBWGYCVTQDDkjhsYtHtMgFS3LS5pZ0ZILpuSVERhu46RprBc0Ne9GKmm2oUvpekkuuaIjiBvstz8-z_v-cZ7n-z2vU7e3vieVWeEzIVlSP8nKYIWzZHbYr5EsVitZBfjpJRvuKZkBTkGGl2THvCUbPUAyKyT5SOY7SLJUX8kq_SR7NlSy7EDJvh2GfaRkLqMl00ENjAqVrGSMZOvDJTONk6wQNkHfS5JNHy_ZlUjJbkNMtGSvzEKuWbLxcDlNst9garpkc6BsrmQ_Z0h2D_pnSzYQfsqRbOwCyeKhbSmyIfRd9IZ_fSDZ71CzRrKDcHGtZC0Q_6FkKRBZJFkCFG6WbCsEl0o2Dnq_lMx1i2Rrt6M3rC3DhNEWySbCtkrJbHDBLlkzeOyVLAgO1Ut2HlqOSvYHBJyRLBxWQhEknpNsNsR-j3-CqRH3gy1QC6MuSxYFNVfRF47CD_DommTqz5J9_otkO8HaLFk9HILz8F2LZD-C303JxkDpbcmqwe2OZENgH3wHZ-Aa3Ptdsi7I7JRsMdyFJ5DpZmbH4TJotGbmC_e8zUw71sz8Yd5LZrYUGuB72Po3M6uDa3AX_hZlZonQP8nMomeYWTJ8AetfNbPNcMBsZjfTzGxNupkVQ2yGmb0CJzLNrAm0S5ADKQVmtnGVmW2DG3AbBq02s0A4Cd_DLWiFDnDAr55NLG1km5IJzbkPlVvw0cmHShHk3upU8mHgC4-UANgzxqEcgBNhDqU43KFsAb8EhzIMZq10KOng-4FDCQLvtQ5lCDw57FB6Yftph1IJ5xd0KU2wfGK3sgbMk7qV1yHtjW4lExoKu5WT0DjrqXIVxr__VIkB_YWnig_0v_xU0UGUvkcxwMAPe5QAKPysRyn5i6VH2QpP-nqVXjji26ecgpQFfcprELa8T4kE5b0-xQkqFzN1NzT_xtRbsKn8OTWh8jl1BgwpUtThcNaiqJfgzCnsqqpeAv8QVR0BDTNV9STMm6WquXBgjaoeg_r1qnoc8k-p6jvQeUdVe2CpE1dP-3P1B2j_YwJ_DPquCdwHiluj-Bb49I8oXgydj6N4D1yfPpF7fTmR-8HN3RP5fcj1mcTzoTFkEvePnMRHQGHpJL4J3IKiuTcsezGar4Jvs6P5GVidF80_hmsUw1sgaUMMnwW952K4OB_Da5ti-NcwaOxkHgjMPJn3A7-8yXwY-A6O5UHwLCGWi8RYvmtKLK-FS-2x_Fc41hHLz4KIi-Ou8OD9OL6nJo4fg0ZbHL8KnvY4PhhaNAYe5G3go6F1hoF3wtG3Dfw0PFhm4F3wdIWBP7fSwJv3GPgtuLPPwDvg_SsG_hkMfmjgwWAKiOfJ4Bgazykwnr9rjuefwOZt8bwK2qvj-WMod8TzOoh6Es8NYIQkmA0ZsB8a4AF0wZXBRn4dbgwz8nZ4cbiRG2DOaCPPgmmpRp4CV-fjDexYZORWmLzMyBPAqdjI9ZBlN_J13xr532HnWSOP_dHIE2H3XSP_Bo76m_hpWDjOxAvgzngTd8CjeSb-DHoyTNwp08Rf3GDiUTC1-2X-KpR5JvBzkDc4ga-CtVDyl9wEHngtgV9UE3kLFFEi3wRz3BN5Fpz3SOS_QMOARH4Gsp-fwhdCodMUXgLXDWXUBrbpZeT-ahkNglMHyqgR3BvLKBCs_y6jenihv4Vi4OuXLXQI_NMsNAICPrBQONzcaKF3Kiy047CFrJDXYKFl4PLYQp5Q8MRC66Cu20L7YPWcXbQBhs_dRRd37KIWSO7bRamg2V5OHhC8o5xCoaaynPZCU2c5bVxcQdvAUlxBe-H-9Qp6CD1tFaS0V9D8BxW0CLhSSR5wbEAlnYW0hZWUCY1-VroKIXlWsq6zkh2uTamivqlV9Py0Kvp0YxVd2F9FzXDwaBWdBP2KahoKrmXV5AWz7dWUASf-U01NUDykhrwm1tAwuLSmhppB1NeQK8wsraN0uHK3jq5DdGsdmcDrf3XkB7v-rKNa-EK1USUcGmSjE7Az1Ea18MMUG_0Eg5NtFAxsho36Qf8cG-ngH8ttZIGQVTYaC8GbbRQK6bU2yoGSehuVw_LC3bQORpzeTZNC7GSEwFF2GgWl4-xUDfvetNNhmLbcTingctBOnuD_zE5hYEv6ivbD0KyvaCQ48r8ia3Qr2WF7TitVgmd-KwVDdVEr7YEV9lZaB7n3Wsmga6P89DZ6BwLOt9FoePJLG_WC-UYbvQ6-Me0UBKbD7ZQMi46303LoOtFOfRDR2E4TIHh2B4XC9o86qBIitnbQBOg43kF_gjbkIfnDzNWdJCF7prMogAvFzqIZbt52FvehwOEsVkDKU2cxu8dZzIWXwzVCQk2eRuyF5FKNSIXcLzUiH65s0Yjr8GibRnQD26ERWljPXcTnII0uIhe257mISkiodxEzoPWAi-iE1CMuoqLNRdRAvw2uQgtux1zFS-dchQmaI9zELfjzDTdh_9lN1MOOO24i6pGbMMBUH63YO00rFi3QijyrViyDG7VacRP6urSCd2tF4TOtKIGPdTpRCg9CdKILDAadmAr613TCB2bn6sR82FikExVw9YxO3IbkCzqRCmvu68RcrV5YovTCCu5GvRj0lwy9CISoTL2YDjnwzUq9OAJxq_RiJqSU6UU2ZF3WizA3dxEJaSPdxZswfLy7eAFK3nUXW2FYk7tIv-IuBv7XQwRAz2MP4eTwEDu7PEQVzNJ4ihzI1HuKNyGzFhMW13mK9yDsd08RCSOCvEQkrJ3qJUqAWbwEwRdHvETNOS9xEB73egmR7i284K33vEVP7QCh1_S7uK69QWg_afjtn6qPc1J-5vyFOXEZS-ZnDQ3JyZ5fkL94yZjs_Kylb-XkFSwJfWNxfl5BTl72vIiwiLHhEeFhY8Ii5r099v_pnVMk&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CJar4L_L34oDFRuDXQMdLBoURw&is-cached-offline=false"
Document-Policy: include-js-call-stacks-in-crash-reports
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=Y5V_ZVAgyIqVI_vuDtWXTGxHvNQxHW1DJ3Opc3cD9IOOyB69Rd0kBG6uJRpRy9MmjhwmxhOQNqcsg4p7BWCTpOTmQCwv-A0Tq8I363Q5uylDi3Zzoz1EqCyB1aRa_h13dZfubOGEoNdiX0D2x3XNy-hKNcyWlaOfUhBCr6Aru6U5oRI; expires=Mon, 07-Jul-2025 22:06:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:07 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-chromium-appcache-fallback-override: disallow-fallback
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-ENwE-IhkofT8tH1e5SlVTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=VBmsH9KAXz6BiHoXb9U5wkoscFclxoIwaoQ1EsKR0uXGj8FnnGv6IqMcRmVaE3gChFM_k8s0b-w9SQ9ExwwJRIQxl5XWJMdI-CXO2vZXYBgo4CX-LO-s-rM4b80bPryaXRy5W1IBUGJdgk4mbg9EmGMMtI0MzpRaTxXRs52FkSPXDWGp; expires=Mon, 07-Jul-2025 22:06:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:09 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-AtDvhdH1wm_iP_XWpSW1JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0XlU1FUbB_Dr73efm8IAM8OmiAiCKCompmmiIAwzgQqaCXfE0NjiuASpaJlLamZv9JqBJanojDKs42hpHBdcczdKSdM3LEtfl2TJREcW3-D9-sfnPM-55577fe69Lnd89Z0p7FMhWWJPySyw3FWyFeCA_RrJzkOMVrJSCNBLNshbMgOchnQfyY77Sjast2QVkOgnmVdfyVL8JbMFSPZsgGRZwZIdC0U_RDK3YZLpoBKGhktWNFyy9RGSmUZLVgBfQvfLkk0dI9mVsZLdgegoyV5LRq5ZsjFwOVWyP2BymmSzwDJbsuvpkt2HXlmS9YGfsyUbNV-yOGhagmwIfw9zw39WS_YnVK6R7CD8uFaymxD3oWQzYOwGyeKhYLNkW2FgsWSjoesrydy3SLa2BHPDWgsqDLNKNh622SSzw0WHZA3g9bVkIXCoRrIL8NtRyVog6KxkEbASNkDCeclmQsz3uCeY6vB-sAWqYMhlycZB1VWcBUfhB3h8TTL1umSf_SLZDihrkKwGDsEF-O6mZD9BwC3JhkPxHfwReNyVrD_sg-_gLFyD-39K1gYZrZItgnvwFDI8zOwEXAaN1sz84b6vmWlHmVkgzHnZzJZALXwPW18xs2q4BvfglUgzS4BeiWYWNc3MkuALWP-6mW2GA2Yzu5VqZmvSzKwQYtLN7DU4mWFm9aBdjByYkW9mm1aZ2Ta4B3_BqQ-QCbehEVrACb9717PUIU1KBjTkPFJuw0enHikbIOd2q5IHfV58rATB3uFO5QCcHOFUCiOcyhYIiHcqoZC80qmkgf9qpxICvmudSn94etipdEHJGadigwvz25R6WDa-XVkD5gntypuQ-la7kgG1Be3KKahL7lCuwpjlHUo06C92KH7Q63KHooNIfadigD4fdipBUPBpp1L0nLVT2QpPu7uULjji362chhnzu5U3YMSybmUsKO93Ky5gW8TU3dDwB1Nvw5e7eqjxth7qNOi_QVEHwTmrol6Cs6fRq6p6CQLDVHUw1E5X1VMwJ1lVc-DAGlU9DjXrVfUE5J1W1Xeh9a6qdsISF66eCeTqD9D81zj-BPRt47gfFDZG8i3wyV-RvBBan0TyTrgxdTz3-Wo8D4Bbu8fzB5DjN4HnQV3YBB44dgIfDAXFE_iX4BESxX1h6UtRfBUcy4riZ-GT3CheCNcomt-ExI3RPBm6zkdzcSGaV9VH82-g76iJPBiYeSLvCQG5E3ko-PeL4SHwLD6Gi4QYvnNSDK-CS80x_Hc43hLDz4GIjeXu8HB5LN9bGcuPQ509ll8Fb0cs7wc3NQYe4mvgw6BxmoG3QlmegTvg6DsGfgYeLjXwNuhYYeA9Vhp4w14Dvw139xl4Cyy_YuCfQr9HBj4QTEFxPAmcA-I4Bcfx98xx_F-weVscL4fmijj-BCKexvFXwAiJMBPSYT_UwkNogyv9jPwG_Bpq5M3w0iAjN8CsYUaeCVNSjHwGXJ2LPbB9oZGXwcSlRh4PLoVGrodMh5GvO2bk_4Yd54w85icjT4Dd94z8WzgaaOJnYMFoE8-Hu2NM3AmP55j4M-hMN3GXDBN_aaOJR8Lk9lf562DxjufnIbdfPF8Fa6HouZx4Hnwtnv-oJvCbUEwJ3AKzPBN4JlzwSuC_QG3vBH4Wsl6YxBdAgcskXgQ3DBZqAvtUC3m-bqG-cPqAherAs85CwVD2m4Vq4MVeVoqGb1610iEITLXSYAhabaUIuLXJSu-WWmn7YSuVQW6tlZaC2xMreUP-Uyutg-p2K-2DD2btpI0waPZO-nH7TroJSd07KQU0JbvICwZu30XhUGnbRV9Dfesu2rSolLaBpbCU9sKDG6X0CDqbSklpLqW5D0tpIXDFRl5wvLeNzkHqAhtlQF1AGV2FsNwyKltXRg64NqmcuieX0wtTyumTTeV0cX85NcDBo-V0CvQrKmgAuFsqyAdmOiooHU7-t4LqobB_JfmMr6RQuLSmkhpA1FSSO0wvrqY0uHKvmm5AVGM1mcDnf9UUADv_qaYq-EK1kw0O9bXTSdgRbqcq-GGSnX6Gfkl2Gghsmp16Qq9sO-ng82V2skLYKjuNgoGb7RQOaVV2yoaiGjvtgmUFu2kdDD6zmyaEOcgIwUMdNBSKRzuoAvbNc9BhmLLMQTPA7aCDvCHwmYNGgGbwHvICe-Ie2g8DMvfQEHDm7aGyqEZyQEl2I9nAJ6-RQqFiQyPthfWORvoMcu43kkHXRHlpTfQuBF1oomHw9Jcm6gLzr030JvhHN1MImA43UxIsPNFMy6DtZDN1w8CZLRQOJR-1kA1Gbm2hcdByooX-AW3YIwqE6R-0koSs6a4iHy4WuooGuHXHVTyAfKerWAEzOlzFzE5XMRtejdAICTtyNaIckoo1IgVyvtKIPLiyRSNuwONtGtEO3SUa4bFdI9ZzN_EZSKObyIGSXDdhg_gaNzENGg-4iVZIOeImSpvcRCX03OgutOBx3F28fN5dmKBhpIe4Df-85SEc1z1EDWy_6yEiH3sIA0z204qvp2jFwvlakVumFUvh1yqtuAUdbVrRBQXPtKIIPtbpRDE8DNOJNjAYdGIy6N_QCT9IzdGJebBpg06UwtWzOnEHki7qRAqseaATs7V6UR6pF3bwNOpF3-fS9SIYIjP0Yipkw7cr9eIIxK7Si-mQbME6ZF7Wi1APTzEcZg3xFPOh6D1PsRVC6z1F2hVP0edvLxEEnU-8hIvTS-xo8xLlkKzxFtmQofcW8yCjChUWVXuL98H_T28RAoNDfMRYWDvZRxQBs_oIgsrzPuIgPOnyESLNV_jA2-_7Cr2mZ_265lqh_bvx8ybFzzUxL2PuguzY9MVzMweEZWfNzc9btHh4Vl7mkrezc_MXh7-1KC83Pzs3a87IESNHRYyMGDF8xMg574z6P8LXTGA&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CJKHjsHL34oDFRuDXQMdLBoURw&is-cached-offline=false"
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=J9bOHQamZFwQ_0hYfbragHXs-79AmBJLRzyZY1tjJb1MvJuFqsEyPunObFUmcNvYsQLY3ioRgfkOJ5J3pGFNkVPyrnDydqKs6F25qucf8RIUclEEDoYECDZjmzs9K4fBpYVADaQy7j6DzUSjeNT-BbQZp3YnuyNCWmH5_lxP3MK4YaM; expires=Mon, 07-Jul-2025 22:06:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:1.1.1.1:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A142.250.187.232
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:10 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
x-chromium-appcache-fallback-override: disallow-fallback
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-R4O4gZBdnEEr7K95P4j3ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=ESHuhDmuz5bhAd2fAOxR-jJrkraLUsTEnrT8YEo23GgbAPjO_XsUvtyHutHpgNSyBYp5qr2r5hnfKfi6X99c2fwdLrSAtRFA7h16e6t0OmZbUuM91zC8On5PdDWI_2Yd6dJ9VwdXJfi5At7mbBv4Oh7b2xulkXedI3HzQXyW3KhxeTR_; expires=Mon, 07-Jul-2025 22:06:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:14 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-OvOr-0Ejw2-AAGbyVvx_wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0GtY1NUWBvDt_7_XTmGAmeGmqAiCKCYmpmmiIAwzgQqaIXvE0LjFMQ1S0bK8pJmd6JgHLPGCzijDdRwtjccUTc27UUoaFXYoPV6Six7R4eYJev3we9b6sJ_nffdy6fTVdyezT4RkCX0ls8AqV8kccEgj2UWI1kpWAv56yYZ7S2aAM5DmI9kJX8lG9ZesFBL8JAsYKFnyIMls_pI9GSpZZpBk34RgHymZ2yjJdFABz4ZJVjhaso3hkpnGS5YPn0PvC5LNnCDZ1YmS3YKoSMlenoNcs2QT4EqKZH_A9FTJ5oFlvmQ_p0l2F_plSjYAfsqSbNwiyWKheTmyIewd9IZf3pfsT6hYJ9nX8MN6yRoh9gPJkmDiJsniIH-rZDtgWJFk46Fnm2Tu2yVbX4zesN6CCaOskk2GnTbJ7HDJIVkDeH0hWTAcqcYNofG4ZPch8Jxk4bAaNkH8BcnmQvR3-CeYanE_2A6VMPKKZJOg4hr6wnH4Hh7VS6b-LNmnv0q2G0obJKuGI3ARvm2U7EfwvyHZaCi6JVk5eNyWbAgchG_hHNTD3T8l64D0NsmWwh1oh3QPMzsJV0CjNbNBcNfXzLTjzCwAFrxgZsuhBr6DHS-aWRXUwx14McLM4qFfgplFzjKzRPgMNr5iZlvhsNnMbqSY2bpUMyuA6DQzexlOpZtZHWiXIQeS8sxsyxoz2wl34D48hC44vRbZ8Av8Aa3ghN-961jKyGYlHRqyHyo34cPTD5VNkH2zTcmFAc89UgLhwGinchhOjXEqBeFOZTv4xzmVEJiz2qmkwqD3nUow-K53KkOg_ahT6YHis07FBhcXdSh1sHJyp7IOzFM6ldcg5fVOJR1q8juV01A7p0u5BhPe61KiQH-pS_GDfle6FB1E6LsVAwz4oFsJhPxPupXCp6zdyg5o7-1ReuDYoF7lDCQt6lVehTEre5WJoLzbq7iAbSlT90HDH0y9CZ_v7aPG2fqos2DIJkUdDuetinoZzp3BrqrqZQgIVdURUDNbVU_Dgjmqmg2H16nqCajeqKonIfeMqr4NbbdVtRuWu3D1bABXv4eW-5P4Y9B3TOJ-UNAUwbfDx_cjeAG0PY7g3XB95mTus20y94cb-ybze5DtN4XnQm3oFB4wcQofAflFU_jn4BEcyX1hxfORfA18kxnJz8HanEj-EdRTFG-EhM1RfA70XIji4mIUr6yL4l_CwHFTeRAw81TeF_xzpvIQGDQ4mgfDk7hoLuKj-Z5p0bwSLrdE89_hRGs0Pw8iJoa7w4P3YviBihh-AmrtMfwaeDti-GBo1Bh4sK-Bj4KmWQbeBjtzDbwEjr9l4GfhwQoD74CuVQbeZ7WBNxww8Jtw-6CBt8J7Vw38Exj80MCHgSkwlieCc2gsp6BY_o45lv8Ttu6M5WXQUh7LH0NEeyw3gBESYC6kwSGogQfQAVcHG_l1-C3EyFvg-eFGboB5o4w8A2YkG3kSXFuIN7BriZGXwtQVRh4HLgVGrocMh5Fv-MbI_wW7zxt59I9GHg_77hj5V3A8wMTPwuLxJp4HtyeYuBMeLTDxJ9CdZuIu6Sb-_GYTj4DpnS_xV8DiHccvQM7gOL4G1kPhU9lxPKg-jv-gxvNGKKJ4boF5nvE8Ay56xfNfoaZ_PD8Hmc9M44sh32UaL4TrBgs1g32mhTxfsdBAOHPYQrXgWWuhICj9j4Wq4bl-VoqCL1-y0hEISLHSCAh830rhcGOLld4usdKuo1YqhZwaK60At8dW8oa8dittgKpOKx2EtfP20GYYPn8P_bBrDzVCYu8eSgZN8V7ygmG79lIYVNj20hdQ17aXtiwtoZ1gKSihA3Dvegk9hO7mElJaSmjhgxJaAlyxkRec6G-j85Cy2EbpUOtfStcgNKeUSjeUkgPqp5VR7_QyemZGGX28pYwuHSqjBvj6eBmdBv2qchoK7pZy8oG5jnJKg1P_Lac6KBhSQT6TKygELq-roAYQ1RXkDrOLqigVrt6pousQ2VRFJvD5fxX5w56_qqgSPlPtZIMjA-10CnaH2akSvp9mp59gcKKdhgGbZae-0Jtpp2ey7PTvlXayQugaO42DYVvtFAaplXbKgsJqO-2Flfn7aAOMOLuPpoQ6yAhBzzroWSga76ByOPiGg47CjJUOSgK3rx3kDQFPHDQGNCP2kxfYE_bTIRiasZ9GgjN3P5VGNpEDirOayAY-uU0UAuWbmugAbHQ00aeQfbeJDLpmyk1tprch8GIzjYLFl5opD9p_baYeMP_WTK_BoKgWCgbT0RZKhCUnW2gldJxqoV4YNreVwqD4w1aywdgdrTQJWk-20l-gDX1IATB7bRtJyJztKvLgUoGraIAbt1zFPchzuopVkNTlKuZ2u4r58FK4RkjYnaMRZZBYpBHJkL1NI3Lh6naNuA6PdmpEJ_QWa4THLo3YyN3Ep2A2uol_QHGOm7BBXLWbmAVNh91EGyQfcxMlzW6iAvpudhda8DjhLl644C5M0DDWQ9yEv173EI6fPUQ17LrtISIeeQgDTPfTii9maMWSRVqRU6oVK-C3Sq24AV0dWtED-U-0ohA-0ulEETwI1YkOMBh0YjroX9UJP0jJ1ok34LNNOmGDa-d04hYkXtKJZFh3Tyfma_XCGqEXpeBp1IuBT6XpRRBEpOvFTMiCr1brxTGIWaMXsyHJoheZkHFFL0I8PMVomDfSUyyCwnc8xQ4IqfMUqVc9xYD_eYlA6H7sJVycXmJ3h5cogzkab5EF6Xpv8QakV2LC0ipv8S5M-tNbxMCIYB8xEdZP9xGFwKw-gmDLMR9RecFHHIHHPT5CpPoKH3jzXV_RVdlf6DV96ze01AjttvZtt_r4uSbkpi9cnBWTtmxhxtDQrMyFeblLl43OzM1Y_mZWTt6ysNeX5ubkZeVkLhg7Zuy48LHhY0aPGbvgrXF_A_r2V2c&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CMPSrcPL34oDFRuDXQMdLBoURw&is-cached-offline=false"
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=IW_9Fru7LXcgrrC-uDJdI1fW7q4-eGxa21wYAeJytEfR3fE9AIitD11El7IBhBmECY5JChRwVIACBD8BjRbpBHXbAYGpCVJOxkcV7irowHZTaLSXBHBwc5fwWfrdyPHh6acBi_wSOKfm_FNR0RrV1jWacjEbT0BY3gzoZGP3x_ICVBLO; expires=Mon, 07-Jul-2025 22:06:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:14 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
x-chromium-appcache-fallback-override: disallow-fallback
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-riuiFPCdXaFNSQ0J--DIhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=XoTlbxl6tQch63-2MQKp_0o-Z-j7XpvaWRYtQXsm5eRNLkNhotStJDux8kiMtF7IAjhTX-F0NW4WAh3bWnWtUFRiutywWrym-OUF2PD9EimbCsIacpaNRGL_4-NslM5QRQflVsPw9Yz33sl-KiCBauU8LBGjokz9OAepwORwCaMt0oI; expires=Mon, 07-Jul-2025 22:06:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:23 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-wIzRx6r0vAmP2NYFlBTXGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0HtY1MUaB_Dp95t3Ulhgd7kpIoIgiomBaZooCMuuoIJmwqwYGrc4pkEqWpaXNLMTZR4wJRXcVe6sm6bxeEFT826UkqaFHlKPl-SSR3Tl4gnOtz8-z7zvPPPM951xuuOt705mnwnJEvpIZoEVzpLZYb9GsmitZKXgp5dsqKdkBjgFaV6SHfOWbEQ_yaohwUcy3wGSJftKVuYn2bPBkmUGSvZdMOrhkrmMkEwHVfBCqGSFIyVbHy6ZaYxk-bAZel-WbPpYyS6Pk-wOREVK9moScs2SjYVLKZLdhKmpks0By1zJrqVJdh_6ZkrWH37Jkmz0AslioWUpsiH0PcwNv34o2R9QtUayg_DTWsmaIPYjyWbBuA2SxUH-Fsm2wZAiycZAz1eSuW6VbG0x5oZfS3APrLWghxFWySbA9jLJbHDBLlkjeOyVLAgO1Up2HpqOSvYnBJyRLBxWwgaIPyfZbIj-Ae8FUz3-EbZCNQy_JNl4eHxVMvWaZF_8JtkOKG-UrBYOwXn4vkmyn8HvlmQjoeiOZJXgdleyQbAPvoczcBXu_yFZB6S3S7YY7sFTSHczs-NwCTRaM_OF-95mph1tZv4w72UzWwp18ANse8XMauAq3INXIswsHvommFnkDDNLhC9h_WtmtgUOmM3sVoqZrUk1swKITjOzV-FEupk1gHYJcmBWnpltWmVm2-EG3IF1q83sczgJP8CvcBPawAG_ezawlOEtSjo0Zj9SbsPHJx8pGyD7druSC_1ffKwEwJ6RDuUAnAhzKAXhDmUr-MU5lGBIWulQUsH3Q4cSBN5rHcogeHrYofRA8WmHUgbnF3QoDbB8QqeyBswTO5U3IOXNTiUd6vI7lZNQn9SlXIGxH3QpUaC_0KX4QN9LXYoOIvTdigH6f9StBED-Z91K4d-s3co2eNrbo_TAEd9e5RTMWtCrvA5hy3uVcaC836s4Qdlipu6GxptMvQ2bdz2nxpU9p86AQRsUdSictSrqRThzCrWqqhfBP0RVh0HdTFU9CfOSVDUbDqxR1WNQu15Vj0PuKVV9F9rvqmo3LHXi6ml_rv4IrX-O509A3zGe-0BBcwTfCp_-GcELoP1JBO-G69MncK-vJnA_uLV7An8A2T4TeS7Uh0zk_uMm8mGQXzSRbwa3oEjuDcteiuSr4LvMSH4GVudE8k_gKkXxJkjYGMWToOdcFBfno3h1QxT_BgaMnsQDgZkn8T7glzOJB4PvwGgeBM_iormIj-Y7p0TzarjYGs1_h2Nt0fwsiJgY7goPP4jhe6pi-DGot8XwK-Bpj-EDoUlj4EHeBj4CmmcYeDuU5xq4HY6-Y-Cn4eEyA--ArhUG_txKA2_cY-C34e4-A2-DDy4b-Gcw8JGBDwFTQCxPBMfgWE6Bsfw9cyz_J2zZHssroLUylj-BiKex3ABGSIDZkAb7oQ4eQgdcHmjk1-FGsJG3wktDjdwAc0YYeQZMSzbyWXBlPs5AySIjL4dJy4w8DpwKjFwPGXYjX_edkX8OO84aefTPRh4Pu-8Z-bdw1N_ET8PCMSaeB3fHmrgDHs8z8WfQnWbiTukm_tJGE4-AqZ2T-Wtg8Yzj5yBnYBxfBWuh8G_ZcTzwahz_SY3nTVBE8dwCc9zjeQac94jnv0Fdv3h-BjKfn8IXQr7TFF4I1w0WagHbdAu5v2ahAXDqgIXqwb3eQoFQ_m8L1cKLfa0UBd9MttIh8E-x0jAI-NBK4XBrk5XeLbVSyWErlUNOnZWWgcsTK3lC3lMrrYOaTivtg9VzdtJGGDp3J_1UspOaILF3JyWDpngXecCQkl0UClVlu2gvNLTvok2LS2k7WAtKaS88uF5Kj6C7pZSU1lKa_7CUFgFXysgDjvUro7OQsrCM0qHer5yuQEhOOZWvKyc7XJ1SQb1TK-j5aRX06aYKurC_ghrh4NEKOgn6FZU0GFwtleQFs-2VlAYn_lNJDVAwqIq8JlRRMFxcU0WNIGqryBVmFtVQKly-V0PXIbK5hkzg9b8a8oOdf9VQNXyp2qgMDg2w0QnYEWqjavhxio1-gYGJNhoCbIaN-kBvpo2ez7LRv5bbyAohq2w0GoZssVEopFbbKAsKa220C5bn76Z1MOz0bpoYYicjBL5gpxegaIydKmHfW3Y6DNOW22kWuBy0kyf4P7NTGNgSvqb9MDjjaxoOjtyvqTyymexQnNVMZeCV20zBULmhmfbAenszfQHZ95vJoGuh3NQWehcCzrfQCHj6Wwv1gPlGC70BvlGtFASmw62UCIuOt9Jy6DjRSr0wZHYbhULxx21UBqO2tdF4aDveRn-BW8gjGgQzV7eThMyZziIPLhQ4i0a4dcdZPIA8h7NYAbO6nMXsbmcxFyaHa4SEqhyN2AuJRRqRDNlfaUQuXN6qEdfh8XaN6ITeYo1wK9GI9dxFfAFmo4v4BxTnuIgyiKt1ETOg-YCLaIfkIy6itMVFVEGfja5CC27HXMXL51yFCRpHuYnb8NebbsJ-zU3UQsldNxHx2E0YYKqPVuydphWLFmhFTrlWLIMb1VpxC7o6tKIH8p9pRSF8otOJIngYohMdYDDoxFTQv64TPpCSrRNvwaYNOlEKV87oxB1IvKATybDmgU7M1eqFNUIvysHdqBcD_pamF4EQka4X0yELvl2pF0cgZpVezIQkC_Yh45JehLm5i3EwZ7i7WACT0txFHBS-5y62QXCDu0i97C76_9dDBED3Ew_h5PAQOzo8RAUkaTxFFqTrPcVbkF6NFRbXeIr3YfwfniIGhgV5iXGwdqqXKARm9RIEm454iapzXuIgPOnxEiLVW3jB2-97i67qfkLv3Of3da11QnvzWneSj3NCbvr8hVkxaUvmZwwOycqcn5e7eMnIzNyMpW9n5eQtCX1zcW5OXlZO5rxRYaNGh48KDxsZNmreO6P_D2GUTNw&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CJuJwcfL34oDFSGGXQMd4twR_w&is-cached-offline=false"
Document-Policy: include-js-call-stacks-in-crash-reports
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=hzx2tYuRv6SFTEN5rjbwYSbeXH4uvlGUo8ivucHFG1mzsduu4YHo_SHJxrdykKvRVKQrjPBwYP54JOZPHOLVj6u0mAOPR8djMiaUCPXkgDHqIarixq33O8BkQx6DJKMBXntuu_HG-ITe28yj7ViD2MXDVduG6dOn6eZoIrg10TwbjVs; expires=Mon, 07-Jul-2025 22:06:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:23 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-chromium-appcache-fallback-override: disallow-fallback
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-zFaj0tjfnFZ7TRdf1fc_yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=P20e88wOeLpaHWw3UuuamZe6wV-zeE6R0yx0vQnBTLg2h_P4dNWjWWmJzMgJqGojT90rWOjzbNFy5JsYKn-EMzvhhbNn_dt66jNBGy21Fijtni2_cnEgKT5_xoVVIyqjS4DCWLqPJEML_QCs80VHpJmZosGeXh_qmCDG4T7aEdmyrLWi; expires=Mon, 07-Jul-2025 22:06:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:39 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-yjdU8dwtUPlAVBrRg6FXeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0HlY1NUaB_DT73fek8IAM8OmqAiyKCYmpGmiIAxDoIJmwhkxNLa4LkEqWpZLmnlvdMkLLqSCjDCs46hpPC645m6UkqaFZel1SZZMdGSxoG9_fJ73Pec5z_N93-OwqZ--O4lVwqdCsvg-kpXCCkfJbLBfI1m-k2SRWsnKwVsv2VB3yQxwGlI9JDvuKdmIfpJVQLyXZB4DJEsaKJnFW7JnQyTL8JPsWCD64ZI5jZBMB9XwQrBkhSMlWx8iWcwYyfJgM_S-LNm0sZJdGSfZHYgIl-y1ROSaJBsLl5Ml-xWmpEg2G0rnSHY9VbL70DdDsv7wfaZkoxdIFg0tS5ENwe9hbvjhQ8l-g-o1kh2Eb9dKdhOiP5JsJozLlywW8rZItg0CiiQbAz2fS-a8VbK1xZgbrpcgE9aW4gwjzJJNgO0Wyaxw0SZZE7jtlcwfDtVJdgF-PipZG_ielSwEVkI-xJ2XbBZEfo19IaYB_whboQaGX5ZsPDy-Jpl6XbLPfpRsB1Q0SVYHh-ACfHVTsu_A-5ZkI6HojmRV4HJXssGwD76Cs3AN7v8mWQektUu2GO7BU0hzMbETcBk0WhMbCPc9TUw72sR8YO7LJrYU6uFr2PaKidXCNbgHr4SZWBz0jTex8OkmlgCbYP3rJrYFDphM7Fayia1JMbECiEw1sdfgZJqJNYJ2CXJgZq6JbVxlYtvhHvwOj6ALBqw2MT8oByucgq_hB_gV2sAOv7g3suThLUoaNGU9Um7Dx6ceKfmQdbtdyYH-Lz5WfGHPSLtyAE6OsisFIXZlK3jH2pVASFxpV1Jg4Id2xR8819qVwfD0sF3pgeIzdsUCFxZ0KI2wfEKnsgZMEzuVNyH5rU4lDerzOpVT0JDYpVyFsR90KRGgv9ileEHfy12KDsL03YoB-n_UrfhC3qfdSuE_zN3KNnja26P0wJGBvcppmLmgV3kDRi3vVcaB8n6v4gCWxUzdBU2_MvU2bC57To21PKdOh8H5ijoUzpkV9RKcPY1eVdVL4BOkqsOgfoaqnoK5iaqaBQfWqOpxqFuvqicg57Sqvgvtd1W1G5Y6cPWMD1e_gdbfx_MnoO8Yz72goDmMb4VPfg_jBdD-JIx3w41pE7jH5xO4N9zaNYE_gCyviTwHGoImcp9xE_kwyCuayDeDi38494RlL4XzVXAsI5yfhU-yw3kBXKMIfhPiN0TwROg5H8HFhQhe0xjBv4ABoydxP2CmSbwPeGdP4oGgHxTJveBZbCQXcZF85-RIXgO11ZF8H1xqjeS_wPG2SH4ORFQUd4aHH0TxPdVR_Dg0WKP4VXC3RfFBcFNj4P6eBj4CmqcbeDscfcfAz8DDZQbeAV0rDPy5lQbetMfAb8PdfQbeBh9cMfBPYdAjAw-AGN9ongD2IdGc_KL5e6Zo_h_Ysj2aV0JrVTR_AmX2aF4LYU-juQGMEA-zIBX2Qz08hA64MsjIb8BPgUbeCi8NNXIDqMON3BVmjzDydJiaZOQz4eo8vIWSRUZeAZOWGXksOBQYuR7SbUa-7piR_xd2nDPyyO-MPA523TPyL-GoTww_AwvHxPBcuDs2htvh8dwY_gy6U2O4Q1oMf2lDDA-DKZ2v8teh1D2Wn4fsQbF8FayFwn9kxXK_a7H8WzWO34R8iuObYbZrHE-HC25x_Eeo7xfHz0LG85P5QshzmMwL4YahlFrAOq2UXF8vpQFw-kApNYBrQyn5QcXPpVQHL_Y1UwR88aqZDoFPspmGge-HZgqBWxvN9G65mUoOm6kCsuvNtAycnpjJHXKfmmkd1HaaaR-snr2TNsDQOTvp25KddBMSendSEmiKy8gNAkrKKBiqLWW0Fxrby2jj4nLaDuaCctoLD26U0yPobiknpbWc5j0sp0XAFQu5wfF-FjoHyQstlAYN3hV0FYKyK6hiXQXZ4NrkSuqdUknPT62kTzZW0sX9ldQEB49W0inQr6iiIeBcWkUeMMtWRalw8v9V1AgFg6vJY0I1BcKlNdXUBKKumpxhRlEtpcCVe7V0A8KbaykGPP6sJW_Y-Vct1cAm1UoWODTASidhR7CVauCbyVb6HgYlWCkA2HQr9YHeDCs9n2ml_y23khmCVllpNARssVIwpNRYKRMK66xUBsvzdtE6GHZmF00MspER_F6w0QtQNMZGVbBvvo0Ow9TlNpoJTgdt5A4-z2w0CjTDdpMbWON3034Ykr6bhoM9ZzdVhDeTDYozm8kC7jnNFABV-c20B9bbmukzyLrfTAZdC-WktNC74HuhhUbA0x9bqAdMP7XQmzAwopX8IeZwKyXAohOttBw6TrZSL4Q2tNJ4CJjVRsFQ_HEbWSB0WxuNh7YTbfQXuAQ9osEwY3U7SciY4Shy4WKBo2iCW3ccxQPItTuKFTCzy1HM6nYUc-DVEI2QUJ2tEXshoUgjkiDrc43IgStbNeIGPN6uEZ3QW6wRLiUasZ47ic_AZHQS_4LibCdhgdg6JzEdmg84iXZIOuIkylucRDX02eAstOBy3Fm8fN5ZxEBTqIu4DX-95SJs111EHZTcdRFhj12EAaZ4acXeqVqxaIFWZFdoxTL4qUYrbkFXh1b0QN4zrSiEf-t0oggeBulEBxgMOjEF9G_ohBckZ-nEfNiUrxMWuHpWJ-5AwkWdSII1D3RijlYvKsP0wgquRr0Y8I9UvfCDsDS9mAaZ8OVKvTgCUav0YgYkluIe0i_rRaCLqxgJycNdxXwofM9VbIPARleRcsVV9P_DTfhC9xM34WB3Ezs63EQlJGrcRSak6d3FfEirQYXFte7ifRj4m7vwh2H-HmIcrJ3iIQqBmT0EwcYjHqL6vIc4CE96PIRI8RQe8Pb7nqKrpp_QO_b5Y11rvdBePvZnXy_H-Jy0eQszo1KXzEsfEpSZMS83Z_GSkRk56UvfzszOXRL81uKc7NzM7Iy5oaNCR4eEhowaOSp07juj_wbWeV34&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CNjDxM_L34oDFeSHXQMdftccww&is-cached-offline=false"
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=MhZtX3HHWyaqWtopwlncq25u_6nV7UbaDdoIPknDKuMUBuaSWzQG2HMyyxjmbQlhJUjnzMF2MaFyt0OYntuqvttKDr7d1MPs-UADRFpUEBQQGCSMLpCNMj_E223Ibn3x58erTCR3LlqI8yMwdZ0VDDBJfWb87ZjvEbL5bKzY1_DM0B8; expires=Mon, 07-Jul-2025 22:06:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:06:40 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
x-chromium-appcache-fallback-override: disallow-fallback
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-v5L7pylWVeMGoiKAgmJoXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=ZIzMBkX5BduDBKY_nK73aj9PzAQLGDc4JbnngS16sBybB4RP91TbObGL6Mjma3DVcA29Alp6g2Of6oJB0syRmsVV2LGUb50y-T2UnoKG1UmhOF6nyeh3oHlmjjDyya4vn6XZc7hatGYpC54M48WbrBd36DTf-1tDDHnVAse6KqU; expires=Mon, 07-Jul-2025 22:06:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:07:12 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-VATamzWtI_LrSUaKcNRRTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0HtU1NUWB_DT73f2SWGAmeFlqIgCKiYGpmmiIAwzgQqaCWfE0HjF8hEkomWlqZkVXTQwJZ8zygyvcdI0limamm-jlDQr7FJ6fSQPvaIjD29wv_3xWXuvs85a372326p--u5UZodPhWRJfSSzwFJ3yd4DJxzQSHYeYrWSlUOgXrJhvpIZ4BRk-El2zF-ykf0ks0NSgGT9-kuWOkAyW6BkT4ZIlh0s2bdD0Y-QzGOkZDqogmfDJSsdJdm6SMlMYyUrgk3Q-4Jk08dJdnm8ZDchJlqyl1OQa5ZsHFxKk-xPmJou2RywzJXslwzJ7kDfbMmegZ9zJBuzULJ4aFmKbAh_G3PDr6sk-wuqVkv2Dfy4RrImiP9AslkwvliyBCjaLNlWCC2TbCz0fCGZ5xbJ1mzH3LDGggojrZJNhG02yRxwwSlZI_jskywEDtXihtB0VLJ7MPiMZJGwAooh8ZxksyH2e-wJpnrcD7ZANYy4JNkEOHpFsh_g4VXJ1F8kW_-bZDvB3ihZLRyC8_Bdk2Q_QeB1yUZB2U3JKsHrlmSDYD98B2fgKtz5S7IOyGyXrABuw2PI9DKz43AJNFozGwB3_M1MO8bMgmDeC2a2FOrge9j6opnVwFW4DS9GmVki9E0ys-gZZpYMn8O6V8xsMxw0m9n1NDNbnW5mJRCbYWYvw4lMM2sA7RLkwKxCM9u40sy2wW24B09Afd_M-kMwrIfNcBK-h1_hT2gDF_zh28DSRrQomdCY-0C5AR-efKAUQ-6NdiUfnnnuoTIY9o5yKQfhRIRLKYl0KVsgMMGlDIWUFS4lHQascikh4L_GpQyCx4ddSg9sP-1SbHB-YYfSAMsndiqrwTypU3kN0l7vVDKhrqhTOQn1KV3KFRj3bpcSA_oLXUoA9L3UpeggSt-tGOCZD7qVwVD0abdS-g9rt7IVHvf2KD1wZECvcgpmLexVXoWI5b3KeFDe6VXcwFbA1D3Q-CdTb8Cm3U-pCban1BkwqFhRh8FZq6JehDOn0KuqehGCwlR1ONTNVNWTMC9FVXPh4GpVPQa161T1OOSfUtW3oP2WqnbDUjeung7i6g_Qem8CfwT6jgk8AEqao_gW-OReFC-B9kdRvBuuTZ_I_b6YyAPh-p6J_C7kBkzi-VAfNokHjZ_Eh0NR2SS-CbxCork_LHs-mq-Eb7Oj-Rn4JC-al8BViuFNkLQhhqdAz7kYLs7H8OqGGP4V9B8zmQcDM0_mfSAwbzIfCvqBsTwAniTEcpEYy3dNieXVcLE1lv8Bx9pi-VkQcXHcE-6_G8f3VsXxY1DviONXwNcZxwdCk8bAQ_wNfCQ0zzDwdrDnG7gTjr5p4Kfh_jID74Cu9wz8qRUG_tEGA98AjXsN_Abc2m_gbfDuZQP_FAY-MPBQMA2O58ngGhLPKTiev22O5x_D5m3xvAJaK-P5I4h6HM8NYIQkmA0ZcADq4D50wOWBRn4Nfh9q5K3w_DAjN8CckUaeBdNSjXwWXJmPP7BjsZHbYfIyI08AtxIj10OW08jXfmvk_4KdZ4089icjT4Q9t438azgaZOKnYdFYEy-EW-NM3AUP55n4E-jOMHG3TBN_foOJR8HUzpf4K2DxTeDnIG9gAl8Ja6D0H7kJPPhqAv9RTeRNUEyJfBPM8U7kWXDeJ5H_BnX9EvkZyH56Cl8ERW5TeClcM1ioBRzTLeT9ioX6w6mDFqoH73oLBYP93xaqhef6WikGvnrJSocgKM1Kw2HwKitFwvWNVnqr3Eo7DlvJDnl1VloGHo-s5AuFj620Fmo6rbQf3p-zizbAsLm76Mcdu6gJknt3USpotu8mHwjdsZvCocq2m_ZBQ_tu2lhQTtvAUlJOe-HutXJ6AN0t5aS0ltP8--W0GLhiIx841s9GZyFtkY0yoT7QTlcgLM9O9rV2csLVKRXUO7WCnp5WQZ9srKALByqoEb45WkEnQf9eJQ0BT0sl-cFsZyVlwIn_VFIDlAyqIr-JVTQULq6uokYQtVXkCTPLaigdLt-uoWsQ3VxDJvD7Xw0Fwq6_a6gaPlcdZIND_R10AnaGO6gafpjioJ9hYLKDQoHNcFAf6JvjIB18ttxBVghb6aAxELrZQeGQXu2gHCitddBuWF60h9bC8NN7aFKYk4wQ_KyTnoWysU6qhP0LnHQYpi130izw-MZJvhD0xEkR4Ej6kg7AkKwvaQS48r8ke3QzOWF7TjPZwDe_mUKhsriZ9sI6ZzOth9w7zWTQtVB-egu9BYPPt9BIePxbC_WA-fcWeg0GxLRSCJgOt1IyLD7eSsuh40Qr9ULo7DYKh-0ftpENRm9townQdryN_gZt2AMKgpnvt5OE7JnuohAulLiLRrh-013chQUud1EAs7rcxexudzEXXorUCAlVeRqxD5LLNCIVcr_QiHy4vEUjrsHDbRrRCWyHRmhhHfcQ60EaPUQubM_zEDZIqPUQM6D5oIdoh9QjHqK8xUNUQZ8NnkILXsc8xQvnPIUJGkd7iRvw9-tewvmLl6iFHbe8RNRDL2GAqQFasW-aVixeqBV5dq1YBr9Xa8V16OrQih4oeqIVpfCRTifK4H6YTnSAwaATU0H_qk4EwOxcnZgPG4t1ohyunNGJm5B8QSdSYfVdnZir1QtrlF7YwduoF_3_kaEXwRCVqRfTIQe-XqEXRyBupV7MhBQL3iHrkl5EeHmL8ZA2wlssgNK3vcVWGNrgLdIvewuv__oIf-h-5CPcXD5iZ4ePqIAUja_IgUy9r1gAmdWoUFDjK96BAX_5ihAYHuInxsOaqX6iFJjVTxBsPOInqs_5iUPwqMdPiHR_4QdvvOMvuqr7Cb2mz2cfttYJ7b47--8oAe5J-ZnzF-XEZSyZnzUkLCd7fmF-wZJR2flZS9_IyStcEv56QX5eYU5e9rzREaPHRI6OjBgVMXrem2P-D6CHVB8&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CPLtkt_L34oDFeSHXQMdftccww&is-cached-offline=false"
Document-Policy: include-js-call-stacks-in-crash-reports
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=ZgitzCPgML84zFs2tPBYIXbBM_y0u0ioL1lEcdHdn_O7WjC91wPK7JRDTikIdlStUW_l7E2wDm4FJ9OPoC3zUn3rDmhW8_KJzSvKj0kvLIQxc5zxyvC28JdhjXUr84p2_6-t044KEnK1_cgKxW0LzRtFVuA2V8uKmaaFU3h5KaC6Oag; expires=Mon, 07-Jul-2025 22:07:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:07:13 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
x-chromium-appcache-fallback-override: disallow-fallback
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-CfCubiPQRbXS9ukMwfmNGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=NDsTnwSLvmh4Rx2Bdh51mYjWZuc8qaOKcgh0MoDqqMspNaDp61NkluzZmSoyX6IabNE71i7tTfS_ArGevMT74BbR51xyrn3dBfxuSFBukHoelYgID-GSUyOqXoORY1Y6nxtVFjnavcobkyQE9oZD5QnEUHnLinajQwc8k2xR6vTiilSn; expires=Mon, 07-Jul-2025 22:07:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Robots-Tag: noarchive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:08:17 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-xfsgz7dQvxiq9xi1NQKRSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Reporting-Endpoints: default="/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/web-reports?bl=editors.documents-frontend_20241210.02_p4&context=eJwV0HtY1FUaB_Dj73fek8IAwwCDIiIIopgYmKaJgjAMgQqaIWfE0LjFegkS0aJS09TdaMkFU1LRGWW4jpOm8ZiiqXk3SkmzDcvS9ZJcckVHbhvstz8-z_v-cZ7n-56vU5u3rieFfSQkSxwomRkKnSV7D-xwSCPZRYjWSlYBfjrJRnlJZoAzkK6X7IS3ZGMHS2aDRB_J9EMlS_GVzOonWe8IybICJfsqGPsYyVzGSuYONfBsqGSl4yTbFC5Z3ETJimAr9L8g2exJkl2dLNkdiIqU7OV5yDVJNgmupEr2G8xMk2wBmBdK9mO6ZPdhUJZkQ-CHbMkmLJUsFlpXIhtC38bd8O_3JfsdatZJ9iV8t16ymxD7gWTJMLlYsngo2ibZDhhZJtlE6PtUMtftkq0vx92w3owJYy2STYWdVnQAl-ySNYPnAcmC4Eg9OoRfjkvWDgHnJAuH1VAMCRckmw_R3-CfENeI_mA71MKYK5JNgWPXJGuEx9clU3-U7OOfJNsNlc2S1cMRuAhf35Tse_C7Jdk4KLsjWTW43ZVsOByEr-EcXIf7v0vWCRkdkuXDPXgKGW4mdhKugEZrYr5w39vEtBNMzB8WvWBiK6EBvoEdL5pYHVyHe_BihIklwKBEE4ucY2JJ8AlsesXEtsFhk4ndSjWxdWkmVgLR6Sb2MpzKMLEm0K5ADiQXmNiWNSa2E-7BH9AL6loTOw3fwG1ogXZwwK9eTSx1TKuSAc05j5TbsPH0I6UYcm53KHkw5LnHSgDsH-dQDsOpMIdSEu5QtoNfvEMJhnmrHUoa-L7vUILAe71DGQ5PjzqUPig_61CscHFpp9IEhVO7lHVgmtalvAapr3cpGdBQ1KWchsZ53co1mPRutxIFukvdig8MutKtuEOErkcxwJAPepQAKPqoRyn9i6VH2QFP-_uUPjjm26-cgeSl_cqrEFbYr0wG5Z1-xQms-UzdB82_MfU2bN07QI23DlDnwPBiRR0F5y2KehnOncGuqupl8A9R1dHQMFdVT8OieaqaA4fXqeoJqN-kqich74yqvgUdd1W1B1Y6cfWsP1e_hbY_pvAnoOucwn2gpCWCb4cP_4jgJdDxJIL3wI3ZU7n-06ncD27tm8ofQI7PNJ4HjSHTuP_kaXw0FJVN41vBLSiSe8Oq5yP5GvgqK5Kfgw9zI3kJXKcofhMSN0fxedB3IYqLi1G8timKfw5DJ0zngcBM0_lA8MudzoPBd1g0D4Le-GguEqL5nhnRvBYut0XzX-FEezQ_DyImhrvCw3dj-P6aGH4CGm0x_Bp42WP4MLipMfAgbwMfCy1zDLwDjr9p4Gfh4SoD74Tu9wx8wGoDX73ZwDdC834Dvw13Dxp4O7x71cA_gmGPDHwkxAXE8iRwjIjlFBjL3zbF8n_Atp2xvAraqmP5Ewh_GstfBCMkwnxIh0PQAA-hE64OM_Ib8HOwkbfB86OM3AALxhp5JsxKMfJkuLYYb2DXciOvhOmrjDwenEqMXAeZdiPf8JWR_xN2nzfy6O-NPAH23TPyL-C4fxw_C8smxvECuDspjjvg8aI43gs96XHcKSOOP785jkfAzK6X-Ctg9ornFyB3WDxfA-uh9C858Tzwejz_Tk3gN6GYEvhWWOCRwDPhomcC_wkaBifwc5D1zAy-DIqcZvBSuGEwUyvYZpvJ4xUzDYUzh83UCB6NZgqEyl_MVA_PDbJQFHz-koWOgH-qhUZDwPsWCodbWyz0VoWFdh21UCXkNlhoFbg8sZAXFDy10Aao67LQQVi7YA9thlEL99B3u_bQTUjq30MpoCnfS54wctdeCoUa6146AE0de2lLfgXtBHNJBe2HBzcq6BH0tFaQ0lZBix9W0HLgipU84cRgK52H1GVWyoBGv0q6BiG5lVS5oZLscH1GFfXPrKJnZlXRh1uq6NKhKmqGL49X0WnQvVdNI8DVXE16mG-vpnQ49Z9qaoKS4TWkn1pDwXB5XQ01g6ivIVeYW1ZHaXD1Xh3dgMiWOooD_f_qyA_2_FlHtfCJaiMrHBlqo1OwO9RGtfDtDBv9AMOSbDQS2BwbDYT-LBs9k22jfxXayAIha2w0AUZus1EopNXaKBtK6220FwqL9tEGGH12H00LsZMRAp-107NQNtFO1XBwiZ2OwqxCOyWDy5d28gL_XjuFgS3xMzoEIzI_ozHgyPuMKiNbyA7l2S1kBX1eCwVDdXEL7YdN9hb6GHLut5DBvZXy0lrpLQi42Epj4elPrdQHpp9b6TV4PLyNesE3qo2CIO5oGyXB8pNtVAidp9qoH0bOb6dQKN_YTlYYv6OdpkD7yXb6E9xCHtFwmLu2gyRkzXUWBXCpxFk0w607zuIBLHE4i3xI7nYW83ucxUJ4KVwjJNTkasQBSCrTiBTI-VQj8uDqdo24AY93akQX9JdrhNsujdjEXcTHYDK6iL9Bea6LsEJ8vYuYAy2HXUQHpBxzERWtLqIGBm52FVpwO-EqXrjgKuKgebybuA1_vu4m7D-6iXrYdddNRDx2EwaY6aMVB2ZpxfKlWpFbqRWr4OdarbgF3Z1a0QdFvVpRCn93dxdl8DDEXXSCweAuZoLuVXfhA_Nz3MVi-KTYXVjh2jl3cQeSLrmLFFj3wF0s1OqEJUInKsHDqBND_5KuE4EQkaETsyEbvlitE8cgZo1OzIVks05kQeYVnQhz8xCTIXWMh1gCpW97iB0Q3OQh0q56iCH_9RQB0PPEUzg5PMXuTk9RBfM0XiIbMnReYglk1GJCfp2XeAd8f_cSQTA6SC8mw_qZelEKzKIXBFuO6UXtBb04Ak_69EKkeQs9vPGOt-iuHSx0moFNG9sahPZC24OOAT7OiXkZi5dlx6SvWJw5IiQ7a3FBXv6KcVl5mSvfyM4tWBH6en5ebkF2btai8WHjJ4SPDw8bFzZ-0ZsT_g86lFHI&build-label=editors.documents-frontend_20241210.02_p4&imp-sid=CLbhgv7L34oDFeSHXQMdftccww&is-cached-offline=false"
Document-Policy: include-js-call-stacks-in-crash-reports
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=EAz-Xgza9f4mAKt-Q5lajwDiTmFInnso-C5PzCSnPkvBTULrEn9y-nZd83F53TAbWk_-Pw2WxOyAAgwJ7WBTCB2wc3LYMGXrU2jPUwy0MWw1QNxZooY8NNdTIKBbAjZLFVI_LkuTC2tDWRNGWVRS5h80YRTbO32PTuqV54fqGZ_RlYE; expires=Mon, 07-Jul-2025 22:08:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
Remote address:172.217.169.78:443RequestGET /document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasic HTTP/1.1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
Accept: text/html,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cache-Control: no-cache
Host: docs.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 403 Forbidden
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 05 Jan 2025 22:08:17 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-chromium-appcache-fallback-override: disallow-fallback
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
Content-Security-Policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-aX9gmb-xmlYqJlzKJjK0QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=520=DAGqN6WKZSAXl9nAviowYadwVuiWflVaPqo4lROcKEwewXiLaO65jFcxcwY8b10qj8kgn-e27s9-yZZHyEwXxtxflZGS_rqPJ85dgbsUl27BPtC63oWx9G5Qwm46svsJOmSk10_JQFXSv8973M9xhAnNTog864cuOEc9iV4QCKAYRgUX; expires=Mon, 07-Jul-2025 22:08:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-5
Transfer-Encoding: chunked
-
1.2kB 40 B 1 1
-
914 B 40 B 1 1
-
914 B 40 B 1 1
-
4.4kB 8.7kB 16 23
-
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http2.1kB 21.0kB 20 25
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.9kB 11.1kB 17 17
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http2.1kB 21.1kB 20 24
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
1.4kB 6.3kB 10 9
-
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.9kB 11.0kB 17 17
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http1.8kB 20.9kB 16 22
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.9kB 11.0kB 17 17
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http1.8kB 20.6kB 16 21
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.8kB 11.1kB 16 16
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http1.8kB 20.9kB 16 22
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.9kB 11.1kB 17 17
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http1.9kB 20.8kB 17 22
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.9kB 11.0kB 17 17
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
172.217.169.78:443https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasictls, http1.8kB 20.8kB 15 22
HTTP Request
GET https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasicHTTP Response
200 -
172.217.169.78:443https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasictls, http1.7kB 11.0kB 13 15
HTTP Request
GET https://docs.google.com/document/d/1IIB6hhf_BB1DaxzC1aNfLEG1K97LsPsN55AT5pFWYKo/mobilebasicHTTP Response
403 -
135 B 40 B 2 1
-
3.8kB 12
-
69 B 109 B 1 1
DNS Request
android.apis.google.com
DNS Response
142.250.179.238
-
61 B 77 B 1 1
DNS Request
docs.google.com
DNS Response
172.217.169.78
-
70 B 86 B 1 1
DNS Request
ssl.google-analytics.com
DNS Response
142.250.187.232
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
1Suppress Application Icon
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
580KB
MD5ed9219be2761d62f01f05dee71f02df3
SHA1c2b904961f519a66052c04d444b34ef4c3f00e67
SHA256b8f6a3769331039a5f2dc29eba3adc431a7b086d47ec579cd143da11f137f13d
SHA512420dc0fa4e231a66fa5c26fbd7952f574aa24aec62ecdf387dd376e98dac93cbea493785d67a030bd6d6745b00c7f3b14b693f906124ee6438b6a227d682f8bd
-
Filesize
798B
MD57d1c0686b9b3f94553bb46b4ded50e3a
SHA1bc20051f6b292ece9a09d64bc0eb9dfac5de69e7
SHA25609f819ec6977634c001df5739d46dc91ed49b24287f47b21328201cdf81a3c76
SHA512e4f74d87971e464d6f54a3240489f4ed48a486254597ab34215d69fb21c14ff5668d4cce70c8d17777893ccd85c225919f9d021f898cac6c0f14b8ca9c4a0798