accounts.agoogle.ir
54.36.198.80
Malicious Activity!
Public Scan
Submission: On February 09 via api from JP — Scanned from FR
Summary
TLS certificate: Issued by R3 on January 17th 2023. Valid for: 3 months.
This is the only time accounts.agoogle.ir was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
22 | 54.36.198.80 | 16276 (OVH) |
23 | 2 | |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | agstatic.ir | www.agstatic.ir, fonts.agstatic.ir | 471 KB |
7 | agoogle.ir | accounts.agoogle.ir, play.agoogle.ir | 123 KB |
2 | ayoutube.ir | accounts.ayoutube.ir | 16 KB |
23 | 3 | | |
 | Domain | Requested by |
---|---|---|
9 | www.agstatic.ir | accounts.agoogle.ir, www.agstatic.ir |
5 | accounts.agoogle.ir | accounts.agoogle.ir, www.agstatic.ir |
4 | fonts.agstatic.ir | accounts.agoogle.ir |
2 | accounts.ayoutube.ir | www.agstatic.ir, accounts.agoogle.ir |
2 | play.agoogle.ir | www.agstatic.ir |
23 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
support.agoogle.ir |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
agoogle.ir | R3 | 2023-01-17 - 2023-04-17 | 3 months | crt.sh |
agstatic.ir | R3 | 2023-01-17 - 2023-04-17 | 3 months | crt.sh |
ayoutube.ir | R3 | 2023-01-17 - 2023-04-17 | 3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://accounts.agoogle.ir/v3/signin/identifier?dsh=S621417101:1675037070451501&continue=https://accounts.agoogle.ir/&followup=https://accounts.agoogle.ir/&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcVPZ0ff9l8rxiJ4S9z_KAkLzXzb32OTbbrKYQwLmX2akjvPhCjQEo5Oxagei15M3vAzJZJNA
Frame ID: 4EE6D771967BC9B82D5350BE6664A36D
Requests: 20 HTTP requests in this frame
Frame:
https://accounts.ayoutube.ir/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.agoogle.ir&v=848993042&timestamp=1675915548780
Frame ID: C2F86E6573F11122136622FD818B46D5
Requests: 2 HTTP requests in this frame
Frame:
https://accounts.agoogle.ir/_/bscframe
Frame ID: 90B23F8DFA84932BD3CC18AEA0143E48
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/cspreport
Frame ID: 011F83FDB7BFF4D95624954AD23DEB8E
Requests: 1 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: بیشتر بدانید ("Learn more")
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | identifier (Primary Request) | accounts.agoogle.ir/v3/signin/ | 508 KB | 116 KB | Document | text/html |
POST | H/1.1 | cspreport | accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/ | 0 | 2 KB | Other | text/html |
GET | H/1.1 | m=_b,_tp,_r | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/excm=_b,_r,_tp,identifierview/ed=1/dg=0/wt=2/rs=AOaEmlGmEWKZlNonf_... | 198 KB | 82 KB | Script | text/javascript |
GET | DATA | truncated | / | 267 B | 0 | Image | image/svg+xml |
GET | H/1.1 | 4UaGrENHsxJlGDuGo1OIlL3Owpg.woff | fonts.agstatic.ir/s/googlesans/v14/ | 26 KB | 26 KB | Font | font/woff |
GET | H/1.1 | KFOmCnqEu92Fr1Mu4mxM.woff | fonts.agstatic.ir/s/roboto/v18/ | 19 KB | 20 KB | Font | font/woff |
GET | H/1.1 | KFOlCnqEu92Fr1MmEU9fBBc-.woff | fonts.agstatic.ir/s/roboto/v18/ | 20 KB | 20 KB | Font | font/woff |
GET | H/1.1 | 4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff | fonts.agstatic.ir/s/googlesans/v14/ | 26 KB | 27 KB | Font | font/woff |
GET | H/1.1 | m=n73qwf,zwU6q,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,rXHJjc,njlZCf,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,kKw6r,zbJ6Kd,ANCJdb,V3dDOb,G0cNrd,IAEjzb,mWLH9d,NAySvc,O6y8ed,t2srLd,XP... | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=_b,_r,_tp... | 610 KB | 234 KB | Script | text/javascript |
GET | H/1.1 | m=Wt6vjf,hhhU8,FCpbqb,WhJNk | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,AD... | 6 KB | 4 KB | Script | text/javascript |
GET | H/1.1 | m=ltDFwf,Rusgnf,Ctsu,UPKV3d,wGM7Jc,IZ1fbc,i5dxUd,m9oV,QCqtlc,NTMZac,bTi8wc,i5H9N,SzsEAf,RAnnUd,PHUIyb,bPkrc,pxq3x,uu7UOe,yRXbo,soHxf,qNG0Fc,ywOR5c,W2YXuc | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,AD... | 115 KB | 44 KB | Script | text/javascript |
GET | H/1.1 | m=ZwDk9d,RMhBfe | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,AD... | 3 KB | 3 KB | Script | text/javascript |
GET | H/1.1 | m=bm51tf | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,AD... | 1 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | m=w9hDv,VwDzFe,A7fCU | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,AD... | 2 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | m=sOXFj,q0xTif,ZZ4WUe | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,A7... | 3 KB | 3 KB | Script | text/javascript |
POST | H/1.1 | log | play.agoogle.ir/ | 131 B | 848 B | XHR | text/plain |
GET | H/1.1 | CheckConnection | accounts.ayoutube.ir/accounts/ (Frame C2F8) | 29 KB | 14 KB | Document | text/html |
POST | H/1.1 | batchexecute | accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/data/ | 142 B | 1 KB | XHR | application/json |
GET | H/1.1 | bscframe | accounts.agoogle.ir/_/ (Frame 90B2) | 15 B | 1 KB | Document | text/html |
POST | H/1.1 | log | play.agoogle.ir/ | 131 B | 848 B | XHR | text/plain |
POST | | cspreport | accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/ (Frame 011F) | 0 | 0 | | |
GET | H/1.1 | m=wg1P6b | www.agstatic.ir/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.fa.BZRRhoi-1As.es5.O/ck=boq-identity.AccountsSignInUi.bDZuNlUah-0.R.I11.O/am=MB8KDALiHJgMAQAAAAAAAAAALHAAAQ/d=1/exm=A2sInc,A7... | 10 KB | 5 KB | Script | text/javascript |
POST | H/1.1 | cspreport | accounts.ayoutube.ir/_/AccountsDomainCookiesCheckConnectionHttp/ (Frame C2F8) | 2 KB | 2 KB | Other | text/html |
POST | H/1.1 | browserinfo | accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/ | 91 B | 1 KB | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- accounts.agoogle.ir
- URL
- https://accounts.agoogle.ir/v3/signin/_/AccountsSignInUi/cspreport
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- boolean| credentialless
- object| oncontentvisibilityautostatechange
- object| WIZ_global_data
- number| cc_latency_start_time
- function| onaft
- function| _isLazyImage
- string| cc_aid
- number| iml_start
- number| css_size
- object| cc_latency
- function| ccTick
- function| onJsLoad
- function| onCssLoad
- function| _isVisible
- function| _recordImlEl
- number| prt
- function| wiz_tick
- string| _F_cssRowKey
- string| _F_combinedSignature
- function| _DumpException
- object| BOQ_wizbind
- object| AF_initDataKeys
- object| AF_dataServiceRequests
- object| AF_initDataChunkQueue
- function| AF_initDataCallback
- undefined| AF_initDataInitializeCallback
- object| aft_counter
- function| initAft
- object| IJ_values
- object| _wjdd
- object| default_AccountsSignInUi
- boolean| BOQ_loadedInitialJS
- function| _F_installCss
- function| _B_err
- object| closure_lm_948778
- function| wiz_progress
- function| _F_getIjData
- object| _mxNDff
- function| onFetchPhoneNumberInfo
- boolean| ly11Pc
- number| closure_uid_974280838
- function| nativePrimaryActionHit
- function| nativeSecondaryActionHit
- object| botguard
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
accounts.agoogle.ir/ | | __Host-GAPS | 1:3UvqkWsG0nMiP1tN3XtfcOhVtu5m0w:yp2z5Ymxhi33BVQC |
.agoogle.ir/ | | NID | 511=Mmz00F4gJjILlmmexZK1xY1rlE4ddcln1uuxep27PwpF0-Mp0r6gOTnEey9DjJ7VtabOd0S5ZYrLo5NxZ_xvJKtTWEtpBrwvPCcatYSMqy_gV5WiakCQUCcQaYSjOgZvKS3naS1kjSvILnM4toxMypU6tUvrWLnbDyVbwn4H0BM |
accounts.agoogle.ir/ | | OTZ | 6893526_56_56__56_ |
.agoogle.ir/ | | CONSENT | PENDING+693 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport script-src 'nonce-CMyCwmMuO-vPFbv6npDY0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.