Overview

URL support.agoogle.ir/
IP138.201.6.227
ASNHetzner Online GmbH
Location Germany
Report completed2022-08-30 10:43:50 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-08-29 2 support.agoogle.ir/ Google Inc.
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed
2022-08-30 2 agoogle.ir Sinkholed


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-30 07:02:05 UTC 143.204.55.36
mnemonic passive DNS fonts.agstatic.ir (17) 0 2022-08-23 13:23:19 UTC 2022-08-23 13:23:19 UTC 138.201.6.227 Unknown ranking
mnemonic passive DNS agstatic.ir (1) 0 2022-04-12 11:57:34 UTC 2022-04-12 12:07:17 UTC 138.201.6.227 Unknown ranking
mnemonic passive DNS storage.googleapis.com (1) 420 2012-08-06 06:33:30 UTC 2022-08-30 05:44:30 UTC 216.58.207.208
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-30 04:18:33 UTC 143.204.55.110
mnemonic passive DNS www.agstatic.ir (8) 0 No data No data 138.201.6.227 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-05-21 07:15:40 UTC 2022-08-30 08:19:55 UTC 142.250.74.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-30 04:12:17 UTC 34.120.237.76
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-30 04:25:59 UTC 34.117.237.239
mnemonic passive DNS support.agoogle.ir (2) 0 2022-08-29 18:50:56 UTC 2022-08-30 05:07:18 UTC 138.201.6.227 Unknown ranking
mnemonic passive DNS play.agoogle.ir (14) 0 No data No data 138.201.6.227 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2022-08-30 05:24:42 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-08-30 04:23:29 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-08-30 04:23:24 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-30 06:42:38 UTC 93.184.220.29
mnemonic passive DNS ssl.agstatic.ir (2) 0 2022-08-23 13:23:55 UTC 2022-08-23 13:23:55 UTC 138.201.6.227 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-30 04:28:52 UTC 54.148.218.213
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-04-02 10:51:04 UTC 2022-08-30 04:24:15 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS lh3.googleusercontent.com (2) 66 2012-05-22 07:35:05 UTC 2022-08-30 04:32:30 UTC 142.250.74.1


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.201.6.227

Date UQ / IDS / BL URL IP
2022-09-04 22:52:05 +0000
0 - 0 - 14 accounts.agoogle.ir/v3/signin/identifier?dsh= (...) 138.201.6.227
2022-09-04 11:24:04 +0000
0 - 0 - 4 accounts.agoogle.ir/ServiceLogin?continue=htt (...) 138.201.6.227
2022-09-04 10:53:07 +0000
0 - 0 - 17 accounts.agoogle.ir/ 138.201.6.227
2022-09-03 23:48:01 +0000
0 - 0 - 13 accounts.agoogle.ir/ServiceLogin?passive=1209 (...) 138.201.6.227
2022-09-03 14:35:45 +0000
0 - 0 - 7 accounts.agoogle.ir/ServiceLogin?passive=1209 (...) 138.201.6.227

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-12-06 21:21:25 +0000
0 - 0 - 8 damduar.ir/oop/index.php?QBOT.zip 88.99.104.30
2022-12-06 18:59:15 +0000
0 - 0 - 2 iplis.ru/ru12.lnk 148.251.234.93
2022-12-06 18:45:56 +0000
10 - 0 - 42 ashri-ma.com/usps/verification 135.181.142.230
2022-12-06 18:43:51 +0000
0 - 0 - 1 95.217.31.208/666894409093.zip 95.217.31.208
2022-12-06 18:43:08 +0000
0 - 0 - 1 95.217.151.129/787909197773.zip 95.217.151.129

Last 5 reports on domain: agoogle.ir

Date UQ / IDS / BL URL IP
2022-09-04 22:52:05 +0000
0 - 0 - 14 accounts.agoogle.ir/v3/signin/identifier?dsh= (...) 138.201.6.227
2022-09-04 11:24:04 +0000
0 - 0 - 4 accounts.agoogle.ir/ServiceLogin?continue=htt (...) 138.201.6.227
2022-09-04 10:53:07 +0000
0 - 0 - 17 accounts.agoogle.ir/ 138.201.6.227
2022-09-03 23:48:01 +0000
0 - 0 - 13 accounts.agoogle.ir/ServiceLogin?passive=1209 (...) 138.201.6.227
2022-09-03 14:35:45 +0000
0 - 0 - 7 accounts.agoogle.ir/ServiceLogin?passive=1209 (...) 138.201.6.227

No other reports with similar screenshot



JavaScript

Executed Scripts (57)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (83)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 09:45:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xf9Ta6_3BDz4H0q1I_ho1FW7OhMemX55S4bh-lrfLWlvLggIiZXL_Q==
Age: 3518


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6879
Expires: Tue, 30 Aug 2022 12:38:18 GMT
Date: Tue, 30 Aug 2022 10:43:39 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nUuEmUSSRH4QDZhE4d2Sk9lE2r3LszMIOLhO-R3_hwBG0rXdDMN1HQ==
age: 43661
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 30 Aug 2022 10:43:39 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "84EE9020A6977BAE4B05A335B011348ABDB5B9D0CCF2E009D867311249B93C4C"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 30 Aug 2022 16:43:39 GMT
Date: Tue, 30 Aug 2022 10:43:39 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 30 Aug 2022 10:17:12 GMT
Expires: Tue, 30 Aug 2022 10:21:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9MNO-2S9Ra8m1tHMjokqHWvjKLAODCTBVFNUzdqP5NJaeK3mxdoFaw==
Age: 1587


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: support.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Strict-Transport-Security: max-age=31536000; includeSubdomains
Date: Tue, 30 Aug 2022 10:43:39 GMT
Expires: Tue, 30 Aug 2022 10:43:39 GMT
Cache-Control: private, max-age=0
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-tMLNqlgvMNP5ei4uo9Z9' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'report-sample';report-uri https://csp.withagoogle.ir/csp/scfe
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info.", CP="This is not a P3P policy! See g.co/p3phelp for more info."
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: support-content-ui
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; expires=Wed, 01-Mar-2023 10:43:39 GMT; path=/; domain=.agoogle.ir; Secure; HttpOnly; SameSite=none NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; expires=Wed, 01-Mar-2023 10:43:39 GMT; path=/; domain=.agoogle.ir; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63697)
Size:   311059
Md5:    8d4a4a57dd70446849e1257bb8715f68
Sha1:   cca032932554dd682fc3b25c8e7198ec0f4e7697
Sha256: 9343fd32716225a329ee18d7ddaa2e6331c9071e4a8e5d3ee6caf0010089795b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4102
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 10:43:40 GMT
Last-Modified: Tue, 30 Aug 2022 09:35:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30C8BEADFA4E3D8518F358B41E455D9E4B1DD243DB5282E184F1EB32D3BB74B0"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20638
Expires: Tue, 30 Aug 2022 16:27:38 GMT
Date: Tue, 30 Aug 2022 10:43:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30C8BEADFA4E3D8518F358B41E455D9E4B1DD243DB5282E184F1EB32D3BB74B0"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11494
Expires: Tue, 30 Aug 2022 13:55:14 GMT
Date: Tue, 30 Aug 2022 10:43:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30C8BEADFA4E3D8518F358B41E455D9E4B1DD243DB5282E184F1EB32D3BB74B0"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11560
Expires: Tue, 30 Aug 2022 13:56:20 GMT
Date: Tue, 30 Aug 2022 10:43:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30C8BEADFA4E3D8518F358B41E455D9E4B1DD243DB5282E184F1EB32D3BB74B0"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Tue, 30 Aug 2022 16:43:26 GMT
Date: Tue, 30 Aug 2022 10:43:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30C8BEADFA4E3D8518F358B41E455D9E4B1DD243DB5282E184F1EB32D3BB74B0"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 30 Aug 2022 16:43:40 GMT
Date: Tue, 30 Aug 2022 10:43:40 GMT
Connection: keep-alive

                                        
                                            GET /og/_/ss/k=og.qtm.UPIt2X3ihcA.R.X.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTu1iPpDk8NAWnqYqvD85SJ_QLZatQ HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/one-google-eng
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="one-google-eng"
Report-To: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/one-google-eng"}]}
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 13:35:25 GMT
Expires: Sat, 26 Aug 2023 13:35:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Sat, 06 Aug 2022 01:45:08 GMT
Age: 335295
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (396), with no line terminators
Size:   292
Md5:    d5d5633f71f43c5aed14fc2d6ae95c17
Sha1:   b71c94a85e02c4e8a288212f4ea9822e5a750ca7
Sha256: 836af17da7110f3fc611862280c10e37971b9969ab08c8781d437327b20b0e24
                                        
                                            GET /images/branding/product/1x/youtube_64dp.png HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 573
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 23 Aug 2022 23:27:44 GMT
Expires: Wed, 23 Aug 2023 23:27:44 GMT
Cache-Control: public, max-age=31536000
Age: 558956
Last-Modified: Fri, 30 Apr 2021 07:18:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   573
Md5:    ac0988cf6f19732322a917c3c3d7288d
Sha1:   20421058057542f50b38df143f1ec48b671e0677
Sha256: ba32e274a78afb8194b5cd13b7513292249455806d12b4905fa0923ee814c78e
                                        
                                            GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/product-feedback-gathering
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="product-feedback-gathering"
Report-To: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/product-feedback-gathering"}]}
Transfer-Encoding: chunked
Date: Tue, 30 Aug 2022 10:43:40 GMT
Expires: Tue, 30 Aug 2022 11:33:40 GMT
Cache-Control: public, max-age=3000
Last-Modified: Thu, 25 Aug 2022 16:58:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (2485)
Size:   40522
Md5:    4708856b4c8796cb4442c4ec921154c6
Sha1:   9a458056e2c0089d9be87dbc213384eae7579a27
Sha256: 6f27f9a90759763b5c596ac36ce5ef055bb9f206ad230522a96ab603e902773b
                                        
                                            GET /og/_/js/k=og.qtm.en_US.-MMKP3uG9VU.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTuS6iZfrsnE7GApv0RWeBgl21VxSA HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/one-google-eng
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="one-google-eng"
Report-To: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/one-google-eng"}]}
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 13:35:25 GMT
Expires: Sat, 26 Aug 2023 13:35:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Sat, 20 Aug 2022 01:33:02 GMT
Age: 335295
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (554)
Size:   58999
Md5:    8181a672571d8904836d42b30ec14249
Sha1:   369eec339d9e949e09bd52c9ed70873ad30e1398
Sha256: 35eb4ce02701ff4fa0c0b2453241b8c32536b53b04668e33f49facd7425393ee
                                        
                                            GET /images/branding/googleg/2x/googleg_standard_color_64dp.png HTTP/1.1 
Host: ssl.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 3553
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 06:22:50 GMT
Expires: Thu, 24 Aug 2023 06:22:50 GMT
Cache-Control: public, max-age=31536000
Age: 534050
Last-Modified: Mon, 20 May 2019 23:45:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   3553
Md5:    048844e6d7c74fb25f495eaded1c91b7
Sha1:   e8c464a491d9d03138be2e5719dae03a86e7b343
Sha256: 0a44f98d5adec463fa3fddca7163e694bc1d93df57c916f3771602193899bb7c
                                        
                                            GET /s/i/productlogos/gmail_2020q4/v8/web-64dp/logo_gmail_2020q4_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 885
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 06:22:50 GMT
Expires: Thu, 24 Aug 2023 06:22:50 GMT
Cache-Control: public, max-age=31536000
Age: 534050
Last-Modified: Wed, 07 Oct 2020 20:07:17 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   885
Md5:    ce23c4cb379c32ae54df13ca22de161c
Sha1:   a8532339309e8572140f4ce343caff7b187029e6
Sha256: 1f00bf732dfc5a8c7885885117d9c3a44f25ea1f31e92c52237c76d7bf908525
                                        
                                            GET /s/i/productlogos/accessibility/v4/web-64dp/logo_accessibility_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 2998
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 16:00:05 GMT
Expires: Thu, 24 Aug 2023 16:00:05 GMT
Cache-Control: public, max-age=31536000
Age: 499415
Last-Modified: Fri, 11 Sep 2020 22:32:23 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2998
Md5:    77c8483bc6a16664e5622e7d4abaaef6
Sha1:   7eeb5c99555ffc07827d5a47941296823a6a919c
Sha256: f5b90101a8103328fa19749e8e05ce5b235cbeecd070b0db3a63a37d5587ca7c
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vheUfp1xG0iPQw6NsvhhOg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.218.213
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AyaDYRv5snzSQRys8lPU7HfTe5g=

                                        
                                            GET /s/i/productlogos/drive_2020q4/v8/web-64dp/logo_drive_2020q4_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1521
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 15:52:41 GMT
Expires: Thu, 24 Aug 2023 15:52:41 GMT
Cache-Control: public, max-age=31536000
Age: 499859
Last-Modified: Wed, 07 Oct 2020 20:07:17 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1521
Md5:    8ed6586a85fe477aba437425280266ac
Sha1:   5ef1c567e0e7ae2c389fc20c3ae9c98a3bf2ca8c
Sha256: a0a4f406acb9922e59b71e763754893819403d585404c1b0c9b917293fa99cb8
                                        
                                            GET /images/branding/googleg/1x/googleg_standard_color_64dp.png HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 1751
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 07:49:46 GMT
Expires: Thu, 24 Aug 2023 07:49:46 GMT
Cache-Control: public, max-age=31536000
Age: 528834
Last-Modified: Mon, 20 May 2019 23:45:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1751
Md5:    7189438b65fffabaec412e3521a50f49
Sha1:   568d4132ee91fa14deffa2e3925f50b99a50065d
Sha256: fa52b3f8386f0370b37531601a6137bfbe39a4c2bec8e724cb7e0e328fd8d7ed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/i/productlogos/gstore/v5/web-64dp/logo_gstore_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1273
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 11:24:54 GMT
Expires: Sat, 26 Aug 2023 11:24:54 GMT
Cache-Control: public, max-age=31536000
Age: 343126
Last-Modified: Wed, 20 Apr 2022 09:53:37 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1273
Md5:    b34fccbd0c8711ecd008a6eff2cfd66c
Sha1:   1240231c36a07a0f052b45c6e6499e10c883a036
Sha256: f1df3320f78add53e1d29bec727fa105cacfc7dcdba203955ac34313c9e34606
                                        
                                            GET /s/googlesanstext/v21/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Aug 2022 22:43:10 GMT
expires: Wed, 23 Aug 2023 22:43:10 GMT
cache-control: public, max-age=31536000
age: 561630
last-modified: Tue, 19 Apr 2022 18:47:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14796, version 1.0\012- data
Size:   14796
Md5:    675df44db2bafc60df7052da41f6c94b
Sha1:   8b766eb9f1dc9f4f6b6c81028570fd03a5f59509
Sha256: 8300ba70904617a47a80e9098fe00b3f7aefd328519318c420289b0bbdfb5e2c
                                        
                                            GET /s/i/productlogos/google_cloud/v8/web-64dp/logo_google_cloud_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1407
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 23 Aug 2022 19:10:06 GMT
Expires: Wed, 23 Aug 2023 19:10:06 GMT
Cache-Control: public, max-age=31536000
Age: 574414
Last-Modified: Wed, 20 Apr 2022 15:07:17 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1407
Md5:    86179e7a662998687290621b26c17db5
Sha1:   3940655c86d6cb6a903af2a11be6841332e58ced
Sha256: b58faac0139ad2b90a3abe54c7515fbeb0b1cf8f5ca88bec064706b8e3a981e7
                                        
                                            GET /s/i/productlogos/chrome/v7/web-64dp/logo_chrome_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 2894
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 17:13:28 GMT
Expires: Sat, 26 Aug 2023 17:13:28 GMT
Cache-Control: public, max-age=31536000
Age: 322212
Last-Modified: Fri, 29 Apr 2022 03:16:12 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://support.agoogle.ir/
Origin: https://support.agoogle.ir
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+929; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: private


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://support.agoogle.ir/
Origin: https://support.agoogle.ir
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+128; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: private


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://support.agoogle.ir/
Origin: https://support.agoogle.ir
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+675; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: private


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/i/productlogos/google_now/v5/web-64dp/logo_google_now_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 3521
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 06:48:12 GMT
Expires: Thu, 24 Aug 2023 06:48:12 GMT
Cache-Control: public, max-age=31536000
Age: 532528
Last-Modified: Wed, 27 Jan 2021 09:57:48 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   3521
Md5:    ce10c5e13c148627ace62ad7542395d6
Sha1:   4863e2fd9a15018bce372c339b0c7d1b0f5fe98f
Sha256: b07084658eb737ddba1bc0b3da4efc0331009ff3968e4c6af683f95c17e6368f
                                        
                                            GET /images/branding/product/1x/family_link_64dp.png HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 1279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 27 Aug 2022 07:56:11 GMT
Expires: Sun, 27 Aug 2023 07:56:11 GMT
Cache-Control: public, max-age=31536000
Age: 269249
Last-Modified: Fri, 03 May 2019 22:15:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1279
Md5:    a67b837e46bb187d5dc9e5a2c77e82cb
Sha1:   683ebb2c0af4cb080e1d904aeb7015858959924f
Sha256: 703d3fc191d5f8a9835ea55596ef58a85d66e54c4303b96ceb8e185c2c922b53
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/branding/product/1x/google_home_64dp.png HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 1058
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 27 Aug 2022 07:25:24 GMT
Expires: Sun, 27 Aug 2023 07:25:24 GMT
Cache-Control: public, max-age=31536000
Age: 271096
Last-Modified: Thu, 07 Oct 2021 18:58:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1058
Md5:    95407664d6777d92e63257df5814c794
Sha1:   e89791c12ca3e4f09b87bab4e147a397940ccba6
Sha256: 300e7bf53911658d3e6fea6c70f64dc681881d7e28563ffa03dd43553afb295c
                                        
                                            GET /support/content/images/static/homepage_header_background_v2.svg HTTP/1.1 
Host: ssl.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/support-content
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="support-content"
Report-To: {"group":"support-content","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/support-content"}]}
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 13:36:47 GMT
Expires: Sat, 26 Aug 2023 13:36:47 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 27 Aug 2020 18:57:41 GMT
Age: 335213
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (764)
Size:   20712
Md5:    91a3691539b2b79c96ff504e8bcc2422
Sha1:   f0472732a44ecb29c1e574e31cbfb63efce3f2a6
Sha256: 51319bbc5869a3735c85e298e58c26a9e3f6ed20d76c896b1670fd4dc25da52e
                                        
                                            GET /s/i/productlogos/fi/v6/web-64dp/logo_fi_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 2070
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 29 Aug 2022 18:54:17 GMT
Expires: Tue, 29 Aug 2023 18:54:17 GMT
Cache-Control: public, max-age=31536000
Age: 56963
Last-Modified: Wed, 20 Apr 2022 17:56:59 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2070
Md5:    9a2d5b7de5096707f2341ed43d8aee35
Sha1:   ae2b42fe83bfd762aaa67fb01ea8ab8f621e0ecd
Sha256: 46b668edf61b7971108c3221255088a6be5ff6320dbffbbbf550eec48cb23bda
                                        
                                            GET /s/i/productlogos/play_prism/v8/web-64dp/logo_play_prism_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1275
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 20:49:58 GMT
Expires: Thu, 24 Aug 2023 20:49:58 GMT
Cache-Control: public, max-age=31536000
Age: 482022
Last-Modified: Thu, 28 Jul 2022 22:25:22 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1275
Md5:    a1485fad16edf8fa9f0863128af0a1ce
Sha1:   4a6c9239c2594861c0e7d3a156954740208275cc
Sha256: 89dfd715b8e1150ce83f876df83361b38a11f24fc0bd0922b39ca4cbc701b45f
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc-.woff HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19888
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 29 Aug 2022 08:49:43 GMT
Expires: Tue, 29 Aug 2023 08:49:43 GMT
Cache-Control: public, max-age=31536000
Age: 93237
Last-Modified: Mon, 16 Oct 2017 17:33:11 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 19888, version 1.1\012- data
Size:   19888
Md5:    cf6613d1adf490972c557a8e318e0868
Sha1:   b2198c3fc1c72646d372f63e135e70ba2c9fed8e
Sha256: 468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f
                                        
                                            GET /s/i/productlogos/photos/v6/web-64dp/logo_photos_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 995
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 27 Aug 2022 08:32:48 GMT
Expires: Sun, 27 Aug 2023 08:32:48 GMT
Cache-Control: public, max-age=31536000
Age: 267052
Last-Modified: Thu, 25 Jun 2020 05:35:19 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   995
Md5:    4fbe61206a7c12dddd6efeb3c348e9d5
Sha1:   e73a1b9ecca51a70dda864d63ee24d4bb7348ca1
Sha256: 17fd5a15ff2d0ffb050224ca1d81e01b8088e5ed6f07a4be28292e89682c4048
                                        
                                            GET /s/i/productlogos/maps/v6/web-64dp/logo_maps_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1551
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 16:00:05 GMT
Expires: Thu, 24 Aug 2023 16:00:05 GMT
Cache-Control: public, max-age=31536000
Age: 499415
Last-Modified: Fri, 11 Sep 2020 22:32:06 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1551
Md5:    4ca44276900c09211c7f8d543cdcbd46
Sha1:   7726d58beade37d5a4699b0ad36988307f9200c4
Sha256: df97ea9e90d84c23db7338bdcf8dd7a112c79a2f6c73c2b45b99af80e4176828
                                        
                                            GET /s/i/productlogos/googleg/v6/web-64dp/logo_googleg_color_1x_web_64dp.png HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Content-Length: 1555
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 17:32:49 GMT
Expires: Thu, 24 Aug 2023 17:32:49 GMT
Cache-Control: public, max-age=31536000
Age: 493851
Last-Modified: Wed, 20 Apr 2022 17:17:09 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1555
Md5:    b7dcc6689e0ee67c3cfd9e09b734d88f
Sha1:   83f6330a8be1da35236529a1324b61b6c87a79f5
Sha256: d422fb428a4945b5f4e7ec90b6d411c12ef139856fd67ee38eebfca246d04ebc
                                        
                                            GET /s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26464
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 16:06:26 GMT
Expires: Thu, 24 Aug 2023 16:06:26 GMT
Cache-Control: public, max-age=31536000
Age: 499034
Last-Modified: Wed, 04 Dec 2019 18:44:20 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 26464, version 1.1\012- data
Size:   26464
Md5:    08f80de0acf68d82aabab974a47d9e5f
Sha1:   e6f1c0f5395a9c297aa162468961c1faf0ec1ed9
Sha256: 4070911a1bb9cc52c4e4cd5e85ca186dcde89308a0517a8faa4715c2e0a9d45e
                                        
                                            GET /s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owpg.woff HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26228
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 16:19:18 GMT
Expires: Sat, 26 Aug 2023 16:19:18 GMT
Cache-Control: public, max-age=31536000
Age: 325462
Last-Modified: Wed, 04 Dec 2019 18:44:17 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 26228, version 1.1\012- data
Size:   26228
Md5:    6dd4ad69d53830bdf5232a13482bd50d
Sha1:   6fff1079d7e5d02a2259cb5d7833e790239e01cf
Sha256: 5ce48d9e9d748ad4686094d3cc33f5ae1e272a5b618f5c6d146c4d12ef02e4a6
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1108
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+518; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1105
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+423; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 26 Aug 2022 14:10:29 GMT
Expires: Sat, 26 Aug 2023 14:10:29 GMT
Cache-Control: public, max-age=31536000
Age: 333191
Last-Modified: Mon, 16 Oct 2017 17:32:56 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 19824, version 1.1\012- data
Size:   19824
Md5:    bafb105baeb22d965c70fe52ba6b49d9
Sha1:   934014cc9bbe5883542be756b3146c05844b254f
Sha256: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3205
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:40 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+033; expires=Thu, 29-Aug-2024 10:43:40 GMT; path=/; domain=.agoogle.ir; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Google+Sans+Text:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 10:43:39 GMT
date: Tue, 30 Aug 2022 10:43:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   612
Md5:    084e4d2c7ad3a8a4e62f4eaf0466ba1a
Sha1:   2e41eb52159a4fe2094e6001225bba6d7b6ca5f6
Sha256: 5e75d94bdcb6d380d951c41dcf2c396f55e436c109ee5c5a34f96b5ca2dcb55a
                                        
                                            GET /ads/external/images/logo_google_ads_64px.png HTTP/1.1 
Host: agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.agstatic.ir/ads/external/images/logo_google_ads_64px.png
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 265
X-XSS-Protection: 0
Date: Tue, 30 Aug 2022 10:15:42 GMT
Expires: Tue, 30 Aug 2022 10:45:42 GMT
Cache-Control: public, max-age=1800
Age: 1678
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   265
Md5:    e870552d33b0f96aaed42fe09af300fa
Sha1:   8d04fbaf82a5760ee2cdd72f5e15b0cf22524582
Sha256: 0124349881369b324b6876ee0587fba94cd7e9a5cedda02f8f5ddd30ded3de80
                                        
                                            GET /ads/external/images/logo_google_ads_64px.png HTTP/1.1 
Host: www.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://support.agoogle.ir/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/static-on-bigtable"}]}
Content-Length: 2456
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 23 Aug 2022 14:45:41 GMT
Expires: Wed, 23 Aug 2023 14:45:41 GMT
Cache-Control: public, max-age=31536000
Age: 590279
Last-Modified: Thu, 03 Oct 2019 10:15:00 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2456
Md5:    7f6eb4ec32be7a2d55850375c4fa6358
Sha1:   b6b2d97ac3f3eb6fa9f5b4b365605cc196a3cedf
Sha256: 61c965d927840a8a4857c6d4a0b098b48a9b3efc5f81656e81343b7fbc17e4e2
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc-.woff HTTP/1.1 
Host: fonts.agstatic.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withagoogle.ir/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withagoogle.ir/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 20012
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 02:33:04 GMT
Expires: Thu, 24 Aug 2023 02:33:04 GMT
Cache-Control: public, max-age=31536000
Age: 547836
Last-Modified: Mon, 16 Oct 2017 17:33:01 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 20012, version 1.1\012- data
Size:   20012
Md5:    de8b7431b74642e830af4d4f4b513ec9
Sha1:   f549f1fe8a0b86ef3fbdcb8d508440aff84c385c
Sha256: 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /o9U8AvPuX9gkIYtYfNmH-_wBdTfOJ7jb0VwbLWWbERzml7oTPngODhKv2Br7A64=w64 HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1393
x-xss-protection: 0
date: Tue, 30 Aug 2022 07:00:33 GMT
expires: Wed, 10 Aug 2022 01:44:33 GMT
cache-control: public, max-age=86400, no-transform
age: 13387
etag: "v1"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1393
Md5:    0eaa75e84e3b5d76e26b5bdef873465e
Sha1:   79daea62fa0952e79644b23305210d61b6cbb631
Sha256: d375701beed766135440cc65bd4cede9cc455c0116a362e124c3c2158edceff4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /support-kms-prod/bJppRS0Z8FmVujFmM7KFHADzbq3L0PPb1Wpj HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.208
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycdtfNDN4TnWWNKBmxs_61YL5UeBaVs3S0bssDkJ2P2lE00UgsKXE6eV5JKeJdEFxXPq8lJiMnp9iaRSBmFOwbZ8Q7xWYgQ1C
x-goog-generation: 1532373729897184
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1848
x-goog-hash: crc32c=7CcNlw==, md5=JKB7tsVOn911abMX8ksm+w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1848
server: UploadServer
date: Tue, 30 Aug 2022 10:26:37 GMT
expires: Tue, 30 Aug 2022 11:26:37 GMT
cache-control: public, max-age=3600
age: 1023
last-modified: Mon, 23 Jul 2018 19:22:09 GMT
etag: "24a07bb6c54e9fdd7569b317f24b26fb"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1848
Md5:    24a07bb6c54e9fdd7569b317f24b26fb
Sha1:   046fcd8d47cc7ccf81947a4a5ac7f8ba7ba13a93
Sha256: 02ce36ebfe4cc68cb527b50bfe706f9d3a679a0a6e8d42e7a7b890c66951990c
                                        
                                            GET /RM7cOeibu6ErWYBzYaGdu6EbXVYw9qcFkqkEoLT2Yn_tKIyWIrAIvb1UBH-qDrUFbitH=w64 HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2293
x-xss-protection: 0
date: Tue, 30 Aug 2022 09:41:14 GMT
expires: Wed, 03 Aug 2022 10:11:21 GMT
cache-control: public, max-age=86400, no-transform
age: 3746
etag: "v1"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2293
Md5:    aa2aa23b01a19d57ec6bdd6217d55648
Sha1:   976aeab3205492446cb42abe8a5be7e6a910e763
Sha256: 0ed6a075191e10b09daceef0a3588e1551d91fba8488fb1baa37ceb470795694
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 30 Aug 2022 10:41:12 GMT
expires: Tue, 30 Aug 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 148
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: support.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; SUPPORT_CONTENT=637974530196196726-3387856001; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 30 Aug 2022 10:43:40 GMT
Expires: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: private, max-age=300
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: support-content-ui
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   1512
Md5:    3f3da572b63c243675d03ffbd4364cad
Sha1:   3b5153c03699e5f8921b1e11d96cbab09e8d039d
Sha256: 501cfa4dbff382f48e812128b2857d6278ee7b215db3e79f0be1595f2e3daeaf

Alerts:
  Blocklists:
    - openphish: Google Inc.
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 10:43:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1121
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3230
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3235
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6684
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 10:43:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6684
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 10:43:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6684
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 10:43:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5925
x-amzn-requestid: fa7479ef-c5db-45ce-a973-a8831df14931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS-ZFH1IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31f5-1a9b0a43065d731b4cc61ed3;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:39:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DBxGjmVUCTjHUrOzLWp37FwLUUo_5CykjgxAeCAaw1TlodWSmbnCrA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:46:33 GMT
age: 46628
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5925
Md5:    91310bc1fb5ae0efa502a9bafe046399
Sha1:   ec2a4baf0a21c1738a541d89756cccd6f3bef5fd
Sha256: 5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e4295fe-5e6e-40a4-9f7e-9340c03b3065.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4372
x-amzn-requestid: 884d80b1-8b3a-434d-a952-812f336c5483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xjdk8FbKoAMFkhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630adc85-6718189246dd0e2622725ce2;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 03:09:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WSH_2ijWDgjCPLGaY4uNFJxZAa4e_wp_IUy74rR1RJa5NLNlkSaNhg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 04:08:16 GMT
age: 23725
etag: "b1e9f80c96c970088fe91cc91b15adb942738b22"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4372
Md5:    d9e7fdb4be1dea111cc40589f893d9e3
Sha1:   b1e9f80c96c970088fe91cc91b15adb942738b22
Sha256: f77659cbb228c9a8839c0fbac717217b35fe10670b1df3f6f5a348770f6a2445
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F675cb20c-3520-450e-8675-bbd6c0e3e748.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5733
x-amzn-requestid: 72dcc1aa-e42c-44dc-8b09-5e00906c8394
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWtFa6IAMFRjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c4-485f64c83f3dc73228055543;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Pg0qFA0GnxNlvBYGNp-o3ZsfqvxDysN7jHARr6SXTDqdvhIZVVItbw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:43:59 GMT
age: 10782
etag: "ab749337ba81b541ae6bd3915ec6a24405ca2cce"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5733
Md5:    eab2b5d1b63b755d005e174c7794dbb4
Sha1:   ab749337ba81b541ae6bd3915ec6a24405ca2cce
Sha256: 0fe904e954da500515ce00cbfe0419765be09f35c97da925e56fa8ac2796db8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95a59320-0676-4a2d-b7d6-5ed02cda8827.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5593
x-amzn-requestid: d3d491e5-c82f-4da4-9d48-24564feed00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSfrEhpoAMF-UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3130-4a7fb51a74cc4e774ebef726;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cUDEQvHtOlX8mcKyfK50sS9Pqmrti3Euw66FtTVaRvdSAKMrkDPyoQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:24 GMT
age: 46397
etag: "07de6816656ca430f4f9a53699d66e95cd33df11"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5593
Md5:    f394100a4cf1c6a7ba6c414c0ee733b0
Sha1:   07de6816656ca430f4f9a53699d66e95cd33df11
Sha256: 3689670cf8306e30a1afd11c818e505e83d8e3f233ebe15eb3cf791fd2686a80
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8478
x-amzn-requestid: 99612ef5-edb6-4e49-87bf-6ecd3071f5de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSwNG0IIAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d319a-58b190387602d9643315f916;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7lkRCgMl7VuI6UsFWnL0VCvy9XZ-Du8MJZS7HWzmr6S88CjzENGurw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:47 GMT
age: 46374
etag: "b2866f84f93b73d97e9aecfa2293ff47131b6d67"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8478
Md5:    87425d52d274ccbc12298aa7a47395f2
Sha1:   b2866f84f93b73d97e9aecfa2293ff47131b6d67
Sha256: 2284c74b04493c7a67907b2477bac252832f3550c6a7e57c221abefc45a12549
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac715f17-8b9a-495f-bc62-6136925908ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6405
x-amzn-requestid: 1c49054a-8058-48cc-8660-46e06070b23b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XYcDvEJ4oAMFkyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630673b1-19d3c0a020e8efca51a1bb05;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 18:53:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PZhzybMlkffQY1Tru6l6lk6u4E5AjJyQsY0AfiA3jnIMmiKftra-3g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:44:05 GMT
age: 43176
etag: "84b01ce7d173848c449e4332eb1fa1abe8ac307d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6405
Md5:    7bfe221c6ea8b215ff7f30b28f7cd389
Sha1:   84b01ce7d173848c449e4332eb1fa1abe8ac307d
Sha256: 6c53f4d30d7f0f735c793f46ab25feb5767373718b6f92c7f13eeec8306b8ab5
                                        
                                            POST /log?format=json&hasfast=true HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3586
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1137
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:42 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3259
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:42 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3259
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:45 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.agoogle.ir
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1137
Origin: https://support.agoogle.ir
Connection: keep-alive
Referer: https://support.agoogle.ir/
Cookie: NID=511=XcSuSuvUgrSREik9dzkGASwQwbAwkqnCt8Nn5gukVqgIlg9Sc_E3mPIrjoZN4yKq-7qCCmrPqSkNLkuzTyPEr9y3tpRmB29EvqgGGzoAjZJVM6v4T0JbsEN7A9lRayuFS7nlM_3-1EpJwcP9MrXw2SVqHKKhB5YMeGmPByGY7uo; __Secure-ENID=6.SE=Tju4p_HlPjTHSgkGKhr7ZUtwsICBEkQDCwlspgKlNrm_tXkn03lMAWn3-_5zjWD-xPW-qDAaZVjV5DT6WTPqQEkzMxwAfrQuOnI6G5sb4IhAdgmDLorLpx1kPwk_H-Rr-vtU8RmfweGF6cNtBkNfhvIEhqgaC6v2exfsrehtQyE; CONSENT=PENDING+033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         138.201.6.227
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Access-Control-Allow-Origin: https://support.agoogle.ir
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 10:43:45 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    759f055b03343bf807170b9be9f7f8c0
Sha1:   2f4f3b6e9458debf4fc6732141ce34b1f43368be
Sha256: 9183359abc8af838a6be4766162d8364067b8dc0b14b78a165513a7ed51c1b54

Alerts:
  Blocklists:
    - quad9: Sinkholed