firebasestorage.googleapis.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2607:f8b0:4006:81e::200a, located in United States and belongs to GOOGLE, US. The main domain is firebasestorage.googleapis.com. The Cisco Umbrella rank of the primary domain is 6845.
TLS certificate: Issued by WR2 on April 29th 2025. Valid for: 3 months.

This is the only time firebasestorage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 247	191 KB
2	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 6845	16 KB
5	2

	Domain	Requested by
3	cdnjs.cloudflare.com	firebasestorage.googleapis.com cdnjs.cloudflare.com
2	firebasestorage.googleapis.com
5	2

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://firebasestorage.googleapis.com/v0/b/special-promo/o/secure_redirection_4.html?alt=media
Frame ID: 73B145681E84F333CE4B60E66842EDE7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enterprise Security Gateway

Detected technologies

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

208 kB
Transfer

286 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request secure_redirection_4.html Show response
firebasestorage.googleapis.com/v0/b/special-promo/o/ 14 KB
15 KB 620ms
314ms Document
text/html 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/special-promo/o/secure_redirection_4.html?alt=media
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ee520c83a9176aa2682656dc0f88ded71110b50c67d67a3fe35d68ba0e358c3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-disposition: inline; filename*=utf-8''secure_redirection_4.html
content-length: 14560
content-type: text/html
date: Mon, 26 May 2025 11:43:26 GMT
etag: "785e1c1eb906faebdf41cd85674316db"
expires: Mon, 26 May 2025 11:43:26 GMT
last-modified: Tue, 20 May 2025 08:21:45 GMT
server: UploadServer
x-goog-generation: 1747729305283099
x-goog-hash: crc32c=o7edWA== md5=eF4cHrkG+uvfQc2FZ0MW2w==
x-goog-meta-firebasestoragedownloadtokens: bef07483-b9f6-44c6-99a2-c9cebca633bb
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14560
x-guploader-uploadid: AAO2Vwrt7aPlx7yIOQFpmONH_crpUe7KLSzzQKOzgHNvgCq21nQmYJI-RKqXalEkdKNUHVRBBoTm6tE

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 216ms
110ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/special-promo/o/secure_redirection_4.html?alt=media

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://firebasestorage.googleapis.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6421d693-4940"
age: 236471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egLHbp8k9Z2pRXbXQfrG5KWnIMZI5tA0la%2B1e6rtIGr5NS96EWvSJs1AEb8lJe7LYylzg2meRfOnFt%2BZZiOfR6sEMvRj%2B1ju1hI3KTjzdPU0WLbM6iQ1OZQQsoBPhjmM1tLIcF0V"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 11:43:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 11:43:27 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 945d03d2ca79ebe3-SJC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18752
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 89ms
87ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://firebasestorage.googleapis.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-24a6c"
age: 485908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBcn71GuHv6KqKepkZH1MnfW78atoJAoaKUASL4b2yrnFwydTMCrwaWMTC7iS%2F9%2BnzlqkDcMWMKLWEApLIfQjNSueEazXTw6NtdJubSC9cu5cpvPmbsVJIdnIwWrOC3pKXDCdIWF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 11:43:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 11:43:27 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 945d03d4ae9e6800-SJC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 150124
server: cloudflare

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 24 KB
25 KB 857ms
857ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://firebasestorage.googleapis.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-6174"
age: 998577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQVHjOxdLCz2zYfntawMF4lbLmwON63cJRVSUC7qYy6rRnSz9TZdF31bmU%2BBnm9XmcN%2B0zfPG11peYyyBRW8VAkQyHDp1dNPzmCDu5A%2FvZv3vwacOYFJj5f7KunGAibOSVbbY0RI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 11:43:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 11:43:27 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 945d03d4aea06800-SJC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24948
server: cloudflare

GET
H2 404 favicon.ico
firebasestorage.googleapis.com/ 2 KB
2 KB 217ms
213ms Other
text/html 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebasestorage.googleapis.com/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f25fd0260c4ef8c26a87a5a126634e846ba539c75e5d508103f4d98831654a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://firebasestorage.googleapis.com/v0/b/special-promo/o/secure_redirection_4.html?alt=media

Response headers

x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1572
date: Mon, 26 May 2025 11:43:28 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: ESF
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

1 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| addRandomCheck

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://firebasestorage.googleapis.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
firebasestorage.googleapis.com
104.17.24.14
2607:f8b0:4006:81e::200a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
7f25fd0260c4ef8c26a87a5a126634e846ba539c75e5d508103f4d98831654a5
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
ee520c83a9176aa2682656dc0f88ded71110b50c67d67a3fe35d68ba0e358c3f

firebasestorage.googleapis.com Open in urlscan Pro 2607:f8b0:4006:81e::200a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

208 kBTransfer

286 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Window variables

0 Cookies

1 Console Messages

Indicators

firebasestorage.googleapis.com Open in urlscan Pro
2607:f8b0:4006:81e::200a Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

208 kB
Transfer

286 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions