files-prod-us-multi.backstage-storage.forgerock.com
35.190.38.48  Public Scan

Submitted URL: https://backstage.forgerock.com/cloud-storage-ws/api/v1/cloudstorage/getfile/q3ZV1ul7T7-sFAjZTrXsaQ
Effective URL: https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Cre...
Submission: On October 06 via manual from NZ — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 35.190.38.48, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is files-prod-us-multi.backstage-storage.forgerock.com.
TLS certificate: Issued by GTS CA 1D4 on August 14th 2022. Valid for: 3 months.
This is the only time files-prod-us-multi.backstage-storage.forgerock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

MIME: ASCII text
Size: 256 KB (262026 bytes, 100% done)
Downloaded from: https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=cloud-storage%40backstage-production.iam.gserviceaccount.com%2F20221006%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221006T081523Z&X-Goog-Expires=604800&X-Goog-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22common-passwords.txt%22&X-Goog-Signature=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

Domain & IP information

IP Address AS Autonomous System
1 1 35.225.2.234 396982 (GOOGLE-CL...)
1 35.190.38.48 15169 (GOOGLE)
1 1
Apex Domain
Subdomains
Transfer
2 forgerock.com
backstage.forgerock.com — Cisco Umbrella Rank: 960619
files-prod-us-multi.backstage-storage.forgerock.com
3 KB
1 1

This site contains no links.

TLS certificate

Subject: files-prod-us-multi.backstage-storage.forgerock.com
Issuer: GTS CA 1D4
Validity: 2022-08-14 - 2022-11-12
Valid: 3 months

This page contains 1 frames:

Primary Page: https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=cloud-storage%40backstage-production.iam.gserviceaccount.com%2F20221006%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221006T081523Z&X-Goog-Expires=604800&X-Goog-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22common-passwords.txt%22&X-Goog-Signature=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
Frame ID: 6F72E9DEE0EBC46D0D8A3F2FF46DB877
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 0 kB
Size: 0 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Primary Request
Resource: zQoUVCPFSBa0AE6p0MM6-Q
Path: files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/
Redirect Chain
  • https://backstage.forgerock.com/cloud-storage-ws/api/v1/cloudstorage/getfile/q3ZV1ul7T7-sFAjZTrXsaQ
  • https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=cloud-storage%40backstage-product...
Size: 0
x-fer: 0
Type: Document
General
Full URL
https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=cloud-storage%40backstage-production.iam.gserviceaccount.com%2F20221006%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221006T081523Z&X-Goog-Expires=604800&X-Goog-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22common-passwords.txt%22&X-Goog-Signature=0ae4884708e389a7c062b74be3772f7662c6d0fe3481df5b528a6740354c5fa38fecd58ac56fd6789e13d96e347a8d62b1a1c9b317b0af01100fb08e8dfccf80d4bf157afb6533fe1da73cf878e4dc7717cd441e4ce4e077b21e77125ac1c423332854ab7552a1583f3ebefb3d0a2114280ef336f9d7ffba3ac396b3d5adf08bf3f9c8d952a9e58ad3923bc82ca649a2498074ed3ed3ef87f674efb9c416396d3d71aaea1bdb25041cbc5f44ec854917cc54a354d5e81aacc89c34d9929f7b8a4254550af296ec6d9acbd0b3e4dd485b01738b5e3439c0aabf037069324fd27274a20e0b42feac91ea4675158be58329d0ea7d02d0bde0c7d7e0814f0a8f93cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
48.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-disposition
attachment; filename="common-passwords.txt"
content-length
262026
content-type
text/plain
date
Thu, 06 Oct 2022 08:15:24 GMT
etag
"59344d6c0244df6d246ff2a85e0d09d3"
expires
Thu, 06 Oct 2022 08:15:24 GMT
last-modified
Thu, 14 Jul 2022 13:15:17 GMT
server
UploadServer
x-goog-generation
1657804517769825
x-goog-hash
crc32c=MpEh2g== md5=WTRNbAJE320kb/KoXg0J0w==
x-goog-meta-original-file-name
common-passwords.txt
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
262026
x-guploader-uploadid
ADPycdvBPX7mu2A9cEMFpDgmlcOlSEJ24DDoBJqzvFlO7IIIak4Pe8IromU3c490SgrQbfIm1JD_Iugt7Q92_3wiFNARWA

Redirect headers

cache-control
max-age=604799, must-revalidate, no-transform, private
content-length
0
content-security-policy
default-src data: blob: 'self' cdn.forgerock.com; script-src data: 'self' 'unsafe-eval' 'unsafe-inline' cdn.forgerock.com cdn.polyfill.io polyfill.io svc.webspellchecker.net www.google-analytics.com munchkin.marketo.net fast.wistia.com js.driftt.com cdnjs.cloudflare.com www.google.com www.gstatic.com cdn.cookielaw.org geolocation.onetrust.com www.googletagmanager.com lms-ux-assets.getadministrate.com fast.wistia.net maxcdn.bootstrapcdn.com code.jquery.com; script-src-elem data: 'self' 'unsafe-inline' cdn.forgerock.com cdn.polyfill.io polyfill.io svc.webspellchecker.net www.google-analytics.com munchkin.marketo.net fast.wistia.com js.driftt.com cdnjs.cloudflare.com www.google.com www.gstatic.com cdn.cookielaw.org geolocation.onetrust.com www.googletagmanager.com lms-ux-assets.getadministrate.com translate.googleapis.com gateway.zscaler.net ssl.google-analytics.com stonly.com www.pagespeed-mod.com code.jquery.com app.wistia.com translate.google.com; font-src * data:; style-src * 'unsafe-inline'; img-src * data: blob:; media-src 'self' cdn.forgerock.com blob: data: embed-fastly.wistia.com embedwistia-a.akamaihd.net app.wistia.com fast.wistia.com fast.wistia.net app.lucidchart.com geolocation.onetrust.com translate.googleapis.com www.pagespeed-mod.com js.driftt.com ssl.gstatic.com; connect-src 'self' cdn.forgerock.com www.google-analytics.com stats.g.doubleclick.net *.s3.amazonaws.com cdn.cookielaw.org privacyportal-eu.onetrust.com identity.getadministrate.com embedwistia-a.akamaihd.net *.wistia.com lms-api.administratehq.com geolocation.onetrust.com fg8vvsvnieiv3ej16jby.litix.io svc.webspellchecker.net wss://42888.cke-cs.com www.forgerock.com feeds.elastic.co telemetry.elastic.co app.wistia.com embed-ssl.wistia.com fast.wistia.com fast.wistia.net app.lucidchart.com *.cdnservice.space *.backstage-storage.forgerock.com code.jquery.com docs.oracle.com js.driftt.com *.vitalsource.com lucid.app ssl.google-analytics.com translate.googleapis.com translate.google.com 
www.pagespeed-mod.com api.stonly.com backstage.forgerock.com cdn.polyfill.io assets.grammarly.com fonts.googleapis.com fonts.gstatic.com forum.forgerock.com github.githubassets.com i.ytimg.com img.youtube.com miro.medium.com sdks.forgerock.com backstage-community-prod.storage.googleapis.com www.gravatar.com www.gstatic.com region1.google-analytics.com storage.googleapis.com; frame-src 'self' js.driftt.com www.google.com fast.wistia.com www.lucidchart.com www.youtube.com geolocation.onetrust.com js.stripe.com backstage.forgerock.com app.lucidchart.com *.vitalsource.com lucid.app fast.wistia.net; worker-src 'self' blob: backstage.forgerock.com 42888.cke-cs.com fg8vvsvnieiv3ej16jby.litix.io app.wistia.com fast.wistia.com fast.wistia.net lucid.app svc.webspellchecker.net www.forgerock.com www.pagespeed-mod.com; report-uri https://forgerock.report-uri.com/r/t/csp/enforce;
date
Thu, 06 Oct 2022 08:15:23 GMT
location
https://files-prod-us-multi.backstage-storage.forgerock.com/files/q3ZV1ul7T7-sFAjZTrXsaQ/zQoUVCPFSBa0AE6p0MM6-Q?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=cloud-storage%40backstage-production.iam.gserviceaccount.com%2F20221006%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221006T081523Z&X-Goog-Expires=604800&X-Goog-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22common-passwords.txt%22&X-Goog-Signature=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
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://forgerock.report-uri.com/a/t/g"}],"include_subdomains":true}
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation

1 Cookies

Domain/Path Name / Value
backstage.forgerock.com/ Name: JSESSIONID
Value: 08ABBDC2B60773233AD10859511DB944

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backstage.forgerock.com
files-prod-us-multi.backstage-storage.forgerock.com
35.190.38.48
35.225.2.234