URL: https://flash.aitor.workers.dev/
Submission: On December 17 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3034::ac43:bd9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is flash.aitor.workers.dev.
TLS certificate: Issued by WE1 on November 20th 2024. Valid for: 3 months.
This is the only time flash.aitor.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::347 54113 (FASTLY)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 23.96.124.68 8075 (MICROSOFT...)
8 6
Apex Domain
Subdomains
Transfer
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
s.clarity.ms — Cisco Umbrella Rank: 7882
29 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 29761
125 KB
2 workers.dev
flash.aitor.workers.dev
5 KB
1 civitatis.com
cdn2.civitatis.com
63 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
71 KB
8 5
Domain Requested by
2 www.clarity.ms flash.aitor.workers.dev
www.clarity.ms
2 cdn.tailwindcss.com 1 redirects flash.aitor.workers.dev
2 flash.aitor.workers.dev
1 s.clarity.ms www.clarity.ms
1 cdn2.civitatis.com flash.aitor.workers.dev
1 www.googletagmanager.com flash.aitor.workers.dev
8 6

This site contains links to these domains. Also see Links.

Domain
www.skyscanner.com
Subject Issuer Validity Valid
aitor.workers.dev
WE1
2024-11-20 -
2025-02-18
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.civitatis.com
Don Dominio / MrDomain RSA DV CA
2024-08-29 -
2025-09-29
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://flash.aitor.workers.dev/
Frame ID: 7F6BEC21BA09EA4626BC50BE11B02849
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

âš¡VuelosFlash.com - Ofertas de Fin de Semana

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

8
Requests

88 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

294 kB
Transfer

735 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.16

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
flash.aitor.workers.dev/
5 KB
3 KB
Document
General
Full URL
https://flash.aitor.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bd9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af545c4fd287db4cc2cd3206e892d83d26283d6d5d6a0b78bc2c4e8380aae953

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8f38d8bdbd374d73-FRA
content-encoding
zstd
content-type
text/html;charset=UTF-8
date
Tue, 17 Dec 2024 18:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6DFUCWwIkOlqWkSOSAfv3baDnmCk0hByA1yp7NZ%2F86eXhAVthkCc4j5%2Buf1Wioj43yvwsMhn4h1GtB2dZxQs3qvbYw%2FT%2FhCXAOg50OD9L40K1nZwKDwrxQet6zFtwJO6YhPWSumk%2F2MtLx19VS6v%2F56E%2FpTHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=68261&min_rtt=62082&rtt_var=22033&sent=8&recv=10&lost=0&retrans=2&sent_bytes=6046&recv_bytes=2263&delivery_rate=13556&cwnd=252&unsent_bytes=0&cid=26d1fdf4dff0bcac&ts=324&x=0"
vary
Accept-Encoding
3.4.16
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.16
398 KB
125 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.16
Requested by
Host: flash.aitor.workers.dev
URL: https://flash.aitor.workers.dev/
Protocol
H2
Server
2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

server
cloudflare
strict-transport-security
max-age=63072000
cache-control
max-age=31536000
content-encoding
br
x-vercel-cache
MISS
cf-cache-status
HIT
age
938145
cf-ray
8f38d8beca2e9762-FRA
date
Tue, 17 Dec 2024 18:06:22 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 21:30:37 GMT
vary
Accept-Encoding
x-vercel-id
cle1::iad1::rv4dn-1733520637303-9c55b126e284

Redirect headers

strict-transport-security
max-age=63072000
cache-control
max-age=14400
location
/3.4.16
x-vercel-cache
MISS
cf-cache-status
HIT
age
853
cf-ray
8f38d8be89e59762-FRA
date
Tue, 17 Dec 2024 18:06:22 GMT
vary
Accept-Encoding
server
cloudflare
x-vercel-id
cle1::iad1::qmzdx-1734457801038-d95364a6cce0
gtm.js
www.googletagmanager.com/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WW8HHB75
Requested by
Host: flash.aitor.workers.dev
URL: https://flash.aitor.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5416e48cdfa7794d685277dce2e68b3fffe93352bd6f763899bfc064cbd7410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 17 Dec 2024 18:06:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 18:06:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
72400
x-xss-protection
0
server
Google Tag Manager
torre-eiffel-altura.jpg
cdn2.civitatis.com/francia/paris/galeria/
63 KB
63 KB
Image
General
Full URL
https://cdn2.civitatis.com/francia/paris/galeria/torre-eiffel-altura.jpg
Requested by
Host: flash.aitor.workers.dev
URL: https://flash.aitor.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0523e376d54079b178b0e48fe8ef1e241b624115b2cb85fa6e01cdaa5de0f07d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

fastly-io-info
ifsz=1301847 idim=3240x2160 ifmt=jpeg ofsz=64330 odim=780x521 ofmt=avif
etag
"+g1RG8qDtEG5bnrt3d3olrNBoCiU+oUEJDup9P/DZ/k"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
x-age
1844199
date
Tue, 17 Dec 2024 18:06:23 GMT
content-type
image/avif
x-served-by
cache-ams21033-AMS, cache-mad22041-MAD
x-cache-hits
11, 1
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=31557600
cache-control
max-age=31536000, public
x-timer
S1734458783.122835,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
content-length
64330
fastly-io-served-by
vpop-etou8240193
pfd5pf2k36
www.clarity.ms/tag/
571 B
827 B
Script
General
Full URL
https://www.clarity.ms/tag/pfd5pf2k36?ref=gtm2
Requested by
Host: flash.aitor.workers.dev
URL: https://flash.aitor.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
087609786f221a4fb5c9f8284c597d54dcc4eeecb535063efbbdc483223728fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
571
date
Tue, 17 Dec 2024 18:06:23 GMT
content-type
application/x-javascript
x-azure-ref
20241217T180623Z-17f9fbfbcd7rwcgzhC1FRAkyy400000000zg00000000166m
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/pfd5pf2k36?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

x-azure-ref
20241217T180623Z-17f9fbfbcd7rwcgzhC1FRAkyy400000000zg00000000166x
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1DD41438CC6B"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
3624efed-701e-0001-276e-507107000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 17 Dec 2024 18:06:23 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 13:18:06 GMT
favicon.ico
flash.aitor.workers.dev/
5 KB
3 KB
Other
General
Full URL
https://flash.aitor.workers.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bd9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af545c4fd287db4cc2cd3206e892d83d26283d6d5d6a0b78bc2c4e8380aae953

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://flash.aitor.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSd%2BzcAsNA76o2WD9nC1Y%2Br3F%2FPHeDi9Bb1iaS4wD44ddAnatXkWLFFreEJqAFzvpLnyo8zT0kA79vGxLNDWO3dbidQBvC1XRAMfXVEtkmy9Q5lKlA8M7zeHkxaiol9%2FgRsfKSKP2mUiyjADKsYhGtc4OSC1Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f38d8c47c444d73-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=62731&min_rtt=29315&rtt_var=17280&sent=14&recv=15&lost=0&retrans=2&sent_bytes=8853&recv_bytes=2457&delivery_rate=95654&cwnd=257&unsent_bytes=0&cid=26d1fdf4dff0bcac&ts=1381&x=0"
date
Tue, 17 Dec 2024 18:06:23 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
collect
s.clarity.ms/
0
287 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://flash.aitor.workers.dev/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://flash.aitor.workers.dev
Date
Tue, 17 Dec 2024 18:06:23 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind object| dataLayer string| /template.html function| renderOffers object| google_tag_manager object| google_tag_data function| clarity

0 Cookies