URL: https://from-google.ehrig.io/
Submission Tags: @phishunt_io
Submission: On September 19 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 104.16.207.216, which belongs to CLOUDFLARENET, US. The main domain is from-google.ehrig.io.
TLS certificate: Issued by WE1 on September 19th 2024. Valid for: 3 months.
This is the only time from-google.ehrig.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 104.16.207.216 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a04:4e42::347 54113 (FASTLY)
19 5
Requests  Apex Domain  Subdomains  Transfer
8  openstreetmap.org  tile.openstreetmap.org (Cisco Umbrella Rank: 13037)  258 KB
6  ehrig.io  from-google.ehrig.io  110 KB
4  unpkg.com  unpkg.com (Cisco Umbrella Rank: 797)  69 KB
1  cloudflareinsights.com  static.cloudflareinsights.com (Cisco Umbrella Rank: 670)  7 KB
1  jsdelivr.net  cdn.jsdelivr.net (Cisco Umbrella Rank: 314)  31 KB
19 5
Requests  Domain  Requested by
8  tile.openstreetmap.org  from-google.ehrig.io
6  from-google.ehrig.io (1 redirects)  from-google.ehrig.io, static.cloudflareinsights.com
4  unpkg.com  from-google.ehrig.io, unpkg.com
1  static.cloudflareinsights.com  from-google.ehrig.io
1  cdn.jsdelivr.net  from-google.ehrig.io
19 5

This site contains links to these domains.

Domain
www.openstreetmap.org
Subject  Issuer  Validity  Valid
ehrig.io  WE1  2024-09-19 - 2024-12-18  3 months
unpkg.com  WE1  2024-07-28 - 2024-10-26  3 months
*.jsdelivr.net  Sectigo RSA Domain Validation Secure Server CA  2024-05-04 - 2025-05-04  a year
cloudflareinsights.com  WE1  2024-09-03 - 2024-12-02  3 months
tile.openstreetmap.org  GlobalSign Atlas R3 DV TLS CA 2024 Q1  2024-03-06 - 2025-04-07  a year

This page contains 2 frames:

Primary Page: https://from-google.ehrig.io/
Frame ID: 23A3BB6912F27EE1113D9DFA73A081A6
Requests: 17 HTTP requests in this frame

Frame: https://from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 8C8D73266C7A48981179A76903CD6EAD
Requests: 2 HTTP requests in this frame

Page Title

All sorts of fun

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 474 kB
Size: 883 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://from-google.ehrig.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
from-google.ehrig.io/
7 KB
4 KB
Document
General
Full URL
https://from-google.ehrig.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.207.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e08690e57d52e46a73c7258df996ea82b8a4d17f16bd6e466168a22e12711b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

__addr
80.64.220.4:443
__conn
Pt6D5LokYEniESERrqXfE
__peer
162.158.202.138:60180
__peer_certs
["ehrig_aop"]
__sni
from-google.ehrig.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=30
cf-cache-status
DYNAMIC
cf-ray
8c58ae1a5de162c7-HAM
content-encoding
gzip
content-type
text/html
date
Thu, 19 Sep 2024 09:51:56 GMT
nel
{"success_fraction":1,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7zHNfQFrNfG0fuD23yFznoVI1qa6%2FuDBNaf0coAkS3wnvCvkJol5DMGIsYMTUjQzw900c%2B95%2B5OlkJp0zOEONFKDIjjNWkWM8BWCCCk92BuNjxYQ2wqV1%2FF7Jh%2BsUzZqFfoq8X%2B"}],"group":"cf-nel","max_age":604800}
served-in-micros
218
server
cloudflare
transform-response
static
transform-response-bot-score
75
leaflet.css
unpkg.com/leaflet@1.9.4/dist/
14 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/leaflet.css
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://from-google.ehrig.io
Referer
https://from-google.ehrig.io/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0"
age
2008909
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 09:51:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J68Z8YS3CE1E9V0JKV88T6CD-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c58ae1bea201db3-FRA
access-control-allow-origin
*
server
cloudflare
leaflet.js
unpkg.com/leaflet@1.9.4/dist/
144 KB
61 KB
Script
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/leaflet.js
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://from-google.ehrig.io
Referer
https://from-google.ehrig.io/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"24060-WmQP+GPnkCqMrCzmujfIezBnd2E"
age
16381836
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 09:51:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWM61M4EYGENSR1F09MC2BS-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c58ae1bea231db3-FRA
access-control-allow-origin
*
server
cloudflare
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/
227 KB
31 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://from-google.ehrig.io
Referer
https://from-google.ehrig.io/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
age
16395533
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBOrPT0PRABLaPWjh78OW5wjQaexjmSGZeq4x5rBy4ym%2BOGdrIizSfKKxdnRnBdbqK2PNU8caguEa%2Bs5XM3%2FMmOriYLog%2B9SQjI9c8CFwcx5mXISWBrV49J1EesV7Tj%2FtE0QCyuexp8GYGo%2FY%2BM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, MISS
date
Thu, 19 Sep 2024 09:51:56 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220083-FRA, cache-lga21980-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8c58ae1be85a9729-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
30835
server
cloudflare
x-jsd-version
5.3.2
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://from-google.ehrig.io
Referer
https://from-google.ehrig.io/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8c58ae1cd84dd396-FRA
access-control-allow-origin
*
date
Thu, 19 Sep 2024 09:51:56 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
708.png
tile.openstreetmap.org/11/1090/
32 KB
32 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1090/708.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
4f92fc2974c13538586850552684e3d4acc30701ff64806f979fbc02b30acad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"d64b22213932281775dcb4717dd94a09"
age
43
expires
Thu, 19 Sep 2024 13:48:59 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=14266, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014487,VS0,VE1
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
32867
server
Apache/2.4.54 (Ubuntu)
708.png
tile.openstreetmap.org/11/1091/
30 KB
30 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1091/708.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
95fc14d6b6fd9f2a8b6e8b56203826531da936337f40f5c1806f674d9d65658a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"503521ac7d339b8ad62d11a22d47b0e7"
age
4860
expires
Thu, 19 Sep 2024 10:49:21 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=8304, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014431,VS0,VE2
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
30995
server
Apache/2.4.54 (Ubuntu)
709.png
tile.openstreetmap.org/11/1090/
31 KB
31 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1090/709.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
4db24ccb464d37bfa1deabfae4ef6dfd9b08b157a4b90b11267e983e5cfc8823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"7b9151184c1bf9ebbda5c4e44be389e8"
age
3255
expires
Thu, 19 Sep 2024 11:56:07 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=10705, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014411,VS0,VE1
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
31860
server
Apache/2.4.54 (Ubuntu)
709.png
tile.openstreetmap.org/11/1091/
34 KB
34 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1091/709.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
77afe7f7e41b8b4e268c877d96b0a74f190ad49ef6cb7fc1bd6ce917f054e54f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"f4d56424312c18940346baaa4d583acd"
age
4048
expires
Thu, 19 Sep 2024 12:31:07 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=13599, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014544,VS0,VE1
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
34455
server
Apache/2.4.54 (Ubuntu)
708.png
tile.openstreetmap.org/11/1089/
30 KB
31 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1089/708.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
a2760aa0911e31e4f3d108cec4541348ddec54fd23fdd1edc7f5a5acfd4a9042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"531413d8d9d63b819a54ab52bab7b88b"
age
12127
expires
Thu, 19 Sep 2024 11:05:10 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=16521, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014447,VS0,VE1
via
1.1 varnish
x-tilerender
odin.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
31074
server
Apache/2.4.54 (Ubuntu)
708.png
tile.openstreetmap.org/11/1092/
33 KB
33 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1092/708.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
617237496e180dbe25f9b57fb25440412903e011b9e3809797a9a5948830db4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"79dba8dc8cc2da842dad8a8c8ae29a43"
age
1959
expires
Wed, 18 Sep 2024 19:18:00 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=14886, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014137,VS0,VE1
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
33432
server
Apache/2.4.54 (Ubuntu)
709.png
tile.openstreetmap.org/11/1089/
32 KB
32 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1089/709.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
6c83a2c03582907a5e0549612edc2f699e8a38856ea64b110e3904cc6a8f03d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"9b4ac6505a4e3a4789c72603e44675f7"
age
4860
expires
Thu, 19 Sep 2024 13:04:38 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=16421, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014785,VS0,VE1
via
1.1 varnish
x-tilerender
nidhogg.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
32927
server
Apache/2.4.54 (Ubuntu)
709.png
tile.openstreetmap.org/11/1092/
34 KB
34 KB
Image
General
Full URL
https://tile.openstreetmap.org/11/1092/709.png
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
c43f3af56f4dd4679b952e0e36709306601564637bea86d561c010c12968283d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

etag
"0072e83de9541abb8061b195faab5216"
age
12130
expires
Thu, 19 Sep 2024 10:42:28 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
x-served-by
cache-cph2320031-CPH
x-cache-hits
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=15162, stale-while-revalidate=604800, stale-if-error=604800
x-timer
S1726739517.014135,VS0,VE1
via
1.1 varnish
x-tilerender
odin.openstreetmap.org
accept-ranges
bytes
access-control-allow-origin
*
content-length
34617
server
Apache/2.4.54 (Ubuntu)
main.js
from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 8C8D
Redirect Chain
  • https://from-google.ehrig.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/
Protocol
H3
Server
104.16.207.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d01d36e5a01fd059b5e72e448e7ec7c8cccde62645ce68a97131d14459c638
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":1,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3JNgZBEtlITIlbBW8lEyYJVNGDGs3qmYpx7NUwhmC3bnkF9Eqe5twPo1OjKuT9Kk6LBgjiic86LV%2BUNGN3gOU5rYTRvS6po3qCpTAOUtTJ9icQLUD51RzMSiWzOW4kLdRr526Kw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
transform-response
static
transform-response-bot-score
75
cf-ray
8c58ae1da9bf62c7-HAM
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
nel
{"success_fraction":1,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXuYzVKN6NsLBoRnOGn65RoOxcK78KOlqs6TlR4wgEy1qoQn7eFqvcR0yn9Pyxjl%2BnYHm0OLSoQiaZBbE9SKpm4n54VGTuuTTSCjUWXA2ULoQWXCWLN4iB3atswkjSwIairrfFmG"}],"group":"cf-nel","max_age":604800}
transform-response
static
transform-response-bot-score
75
cf-ray
8c58ae1d493962c7-HAM
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Sep 2024 09:51:57 GMT
vary
Accept-Encoding
server
cloudflare
8c58ae1a5de162c7
from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8C8D
0
1 KB
XHR
General
Full URL
https://from-google.ehrig.io/cdn-cgi/challenge-platform/h/b/jsd/r/8c58ae1a5de162c7
Requested by
Host: from-google.ehrig.io
URL: https://from-google.ehrig.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.207.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":1,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgTTWhLjzbwAHvqykMg4ah3nWg%2FHpmetJlsTFqLjIM4evoPn%2B%2FQkxBnW%2FN5wipr4P1bqO9%2B6uQHYKzJv0MfQFWJFW1LauC6KnpKYrIqAldRneIuNaeBgW4Ve64%2BiXnBtf%2B4QDBBW"}],"group":"cf-nel","max_age":604800}
transform-response
static
transform-response-bot-score
18
cf-ray
8c58ae1e6abe62c7-HAM
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
rum
from-google.ehrig.io/cdn-cgi/
0
144 B
XHR
General
Full URL
https://from-google.ehrig.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.207.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://from-google.ehrig.io/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8c58ae1e7ade62c7-HAM
access-control-allow-origin
https://from-google.ehrig.io
date
Thu, 19 Sep 2024 09:51:57 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
from-google.ehrig.io/
204 KB
101 KB
Other
General
Full URL
https://from-google.ehrig.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.207.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2e5e63b3374948c5b28ac4fbb7f01aecae588b2262ea439696b24056f3d421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

__sni
from-google.ehrig.io
cf-cache-status
MISS
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yY1D7THBdjESjhIGsdrLsTclcSyq%2BOuUpg41yVgM8cBNS3xvlBEUBjwQ1RYt55lGPdt1t4%2FratyFMSNcQqUbEdoG6IfAQKsF2yXO1qYNxb91FDGmysFigtD5GhFXPDoFZ1JcUKQi"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
__peer_certs
["ehrig_aop"]
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/x-icon
last-modified
Thu, 19 Sep 2024 09:51:57 GMT
vary
Accept-Encoding
__addr
80.64.220.4:443
__peer
172.68.50.189:39234
served-in-micros
437
cache-control
public, max-age=30
nel
{"success_fraction":1,"report_to":"cf-nel","max_age":604800}
transform-response
static
transform-response-bot-score
50
cf-ray
8c58ae1e7ae062c7-HAM
__conn
AqujFIGZHbSFwRs50zwec
server
cloudflare
marker-icon.png
unpkg.com/leaflet@1.9.4/dist/images/
1 KB
2 KB
Image
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/images/marker-icon.png
Requested by
Host: unpkg.com
URL: https://unpkg.com/leaflet@1.9.4/dist/leaflet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://unpkg.com/leaflet@1.9.4/dist/leaflet.css

Response headers

cf-cache-status
HIT
etag
"5ba-YKkLy7K0K33bRVbblOt8EISw5do"
age
16395525
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW749374WBXQKXM6GT4NFAA-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c58ae212d169219-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1466
server
cloudflare
marker-shadow.png
unpkg.com/leaflet@1.9.4/dist/images/
618 B
944 B
Image
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/images/marker-shadow.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://from-google.ehrig.io/

Response headers

cf-cache-status
HIT
etag
"26a-e2qN9jkwOB6WYE5wUWjQUn1rgrw"
age
2008910
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 09:51:57 GMT
content-type
image/png
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J68Z8YY0Z72ASAVVBS1THYSS-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c58ae212d199219-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
618
server
cloudflare

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| leaflet
  • object| L
  • function| flight_exists
  • function| update_flights
  • function| update_runways
  • function| update_today
  • function| update_aircrafts
  • function| update_active
  • function| update_en_route
  • function| update_now
  • function| websocket
  • object| map
  • object| markers
  • object| _leaflet_events
  • object| __cfBeacon

3 Cookies

Domain/Path Name / Value
.ehrig.io/ Name: cf_clearance
Value: zYQpOmGLDGpqMKoPKcE.ymPcY5kwH3JhqmSx5xfnzHw-1726739517-1.2.1.1-VOLWrdcNkfrZiCYrkNfFTa1ono0zwit71cDby4QrntFFuLrAhWSocJYOQ2e4rPFAkm9ZeoJQnHGcNbk5TzRVXnWjp17UYPlikIADhcKqrW_8JVM2KWvb30tlrUN8uelzo..hA4_5o.zM2UpALCxegKUCcxHE3k91cGdLBeEB7o5N5uL.z76T6yjCPUuT.JipJaYrv5ltQy.X5HH6Vl7a_TEDfeYbzy8j9f3dbfHmV3jLf_7R7.dBEa_zIwgqfgV3L1CKngmV051hY6iIFq3J7UQNVPtdF1eZENzg2n3sUtALAhgvbuD3atVco2Uhj9DwE38ocFaa1B89brfcQgC8Oaq37.yqIyYJtRG2X6pKY2y5oQ7n7Sb88LtsRfjc918l
.ehrig.io/ Name: __cf_bm
Value: fVOGeqQrmNYZjPZ4Xs8kSRzHU9LsCThJTtsisaEXYSw-1726739517-1.0.1.1-SF8SIYc9U9AZow508L04PiJph3Bi3f.S1NE2SUq_4cEb.JlrvvGJ0hDib5fvlKw7v2_3.jpccaDMLQbRlyqkLg
.ehrig.io/ Name: _cfuvid
Value: 0iqBjIG9ph5N2.WYPDqY_nXeksVuuUZrgrJ.jXOe2xI-1726739517782-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
