Submitted URL: https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times
Effective URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFR...
Submission: On February 17 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::681b:9e41, located in United States and belongs to CLOUDFLARENET, US. The main domain is creativesrv.bid.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.
This is the only time creativesrv.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 4
Requests | Apex Domain | Subdomains | Transfer
14 | creativesrv.bid | creativesrv.bid | 345 KB
2 | gstatic.com | fonts.gstatic.com | 18 KB
2 | authorzilla.com | authorzilla.com | 11 KB
1 | googleapis.com | fonts.googleapis.com | 855 B
Total: 17 requests, 4 apex domains
Requests | Domain | Requested by
14 | creativesrv.bid (1 redirects) | authorzilla.com, creativesrv.bid
2 | fonts.gstatic.com | creativesrv.bid
2 | authorzilla.com (1 redirects) | -
1 | fonts.googleapis.com | creativesrv.bid
Total: 17 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-05 - 2020-10-09 | 8 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months

This page contains 1 frames:

Primary Page: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Frame ID: 65B644602EDD5D42F10E3E09C35A522E
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 373 kB
Size: 615 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times Page URL
  2. https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times&__cf_chl_jschl_tk__=ff8eaf05aaff3dbaec8bee0b1adbee70b643a736-1581977265-0-AUJNCsoTjBErNelShh14h79Z7HOqaITOpgDzIuwng0WIlRo6QyxAfojka_NGOUkejE6f-l9HB22HnSntcHOBCRBOnEKbkgnr1TUfY8dBRQtPuqZA5_-7JpUZk2SOFPI0_AueiIiQ-xADppL22LoicB12MYsiXiVUI192WyPF8d8l-VWLgQDfKo5t2an_x2Q1Fl08xdkGlhf0_RpqfAbFtjoiJmsSfj3KAj5xKXxdjjlx8lcXXN9jCeN8TonzIUmihdR4J4wPw4UrsssZmjRqCWdgMKVJ6fL4I_spoPUb__hHjSUm7pdyLqNbVEohnwGf4H5BiyB3xJTsD2WU5lVETuAdNoIc9fHihxLqo03Y6GuSr0bRgGi2QaFFRrGAbUksCw HTTP 301
    https://creativesrv.bid/apu.php?fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf&mirror=us HTTP 302
    https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
out.php
authorzilla.com/
10 KB
10 KB
Document
General
Full URL
https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:1815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938a5790819a2f880e7961561fd89d0329f74fa8e1b83f226668195b331a6576
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
authorzilla.com
:scheme
https
:path
/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
503
date
Mon, 17 Feb 2020 22:07:45 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=dccee82c1d142265ebf66133e77269b011581977265; expires=Wed, 18-Mar-20 22:07:45 GMT; path=/; domain=.authorzilla.com; HttpOnly; SameSite=Lax; Secure
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
566b13785e37d711-FRA
Primary Request /
creativesrv.bid/library/
Redirect Chain
  • https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times&__cf_chl_jschl_tk__=ff8eaf05aaff3dbaec8bee0b1adbee70b643a736-1581977265-0-AUJNCsoTjBErNel...
  • https://creativesrv.bid/apu.php?fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf&mirror=us
  • https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20D...
5 KB
1 KB
Document
General
Full URL
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Requested by
Host: authorzilla.com
URL: https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cd1022caa21edcdebc723409b9e273fd768367bbc224f8c1af78c7e7255ccd

Request headers

:method
GET
:authority
creativesrv.bid
:scheme
https
:path
/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d095e8334e3b7fcfd0abc5c05f26f9fc41581977270
Origin
https://authorzilla.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://authorzilla.com/out.php?m=us&q=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times

Response headers

status
200
date
Mon, 17 Feb 2020 22:07:50 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
566b13924fce975a-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 17 Feb 2020 22:07:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d095e8334e3b7fcfd0abc5c05f26f9fc41581977270; expires=Wed, 18-Mar-20 22:07:50 GMT; path=/; domain=.creativesrv.bid; HttpOnly; SameSite=Lax; Secure
x-robots-tag
noindex, nofollow
location
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing Business With Aviation - Portsmouth Daily Times.pdf
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
566b1391ff89975a-FRA
css
fonts.googleapis.com/
7 KB
855 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 22:07:50 GMT
server
ESF
date
Mon, 17 Feb 2020 22:07:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Feb 2020 22:07:50 GMT
style.css
creativesrv.bid/library/css/
164 KB
28 KB
Stylesheet
General
Full URL
https://creativesrv.bid/library/css/style.css
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2187574955c85fb08ed542d6675471c8bb014655f1dabe6f9ecd4dfc9da503

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 16 Dec 2017 04:49:17 GMT
server
cloudflare
etag
W/"5a34a5cd-28f92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
566b13929823975a-FRA
jquery.min.js
creativesrv.bid/library/js/
84 KB
29 KB
Script
General
Full URL
https://creativesrv.bid/library/js/jquery.min.js
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
W/"5a2a5976-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
566b13929825975a-FRA
warning.png
creativesrv.bid/library/img/
1 KB
2 KB
Image
General
Full URL
https://creativesrv.bid/library/img/warning.png
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25905d2fff0c0cb7bf1b1c6e16fabcb524c9a263ae3130e5099667120175cf79

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Apr 2019 13:35:40 GMT
server
cloudflare
etag
"5cc1b7ac-5cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b13929826975a-FRA
content-length
1484
windows.png
creativesrv.bid/library/img/
16 KB
16 KB
Image
General
Full URL
https://creativesrv.bid/library/img/windows.png
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd3b77b35985368d8e10800e23b1756d23de7782297aff79a743e93c8322256

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
"5a2a5976-4183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b13929829975a-FRA
content-length
16771
apple.png
creativesrv.bid/library/img/
34 KB
34 KB
Image
General
Full URL
https://creativesrv.bid/library/img/apple.png
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827600e09c5ea52764024281f1df7d75416be8f1b27608c9d20f1a7f49bfb397

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
"5a2a5976-8791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b13930881975a-FRA
content-length
34705
android.png
creativesrv.bid/library/img/
32 KB
32 KB
Image
General
Full URL
https://creativesrv.bid/library/img/android.png
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0765c2231d18ff36360ce4f888fcb63a6a66b0df325931b3829a2c749c18372b

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
"5a2a5976-7e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b13930884975a-FRA
content-length
32330
bootstrap.min.js
creativesrv.bid/library/js/
36 KB
9 KB
Script
General
Full URL
https://creativesrv.bid/library/js/bootstrap.min.js
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
W/"5a2a5976-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
566b1392d85f975a-FRA
lightslider.min.js
creativesrv.bid/library/js/
16 KB
5 KB
Script
General
Full URL
https://creativesrv.bid/library/js/lightslider.min.js
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a

Request headers

Referer
https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
W/"5a2a5976-3e97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
566b1392e860975a-FRA
brand_side.png
creativesrv.bid/library/img/
394 B
468 B
Image
General
Full URL
https://creativesrv.bid/library/img/brand_side.png
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8171f88819f215e0f098bfef3bf2398d3a77eb53f020c3074e52219021882a03

Request headers

Referer
https://creativesrv.bid/library/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
"5a2a5976-18a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b1393088a975a-FRA
content-length
394
background_content.jpg
creativesrv.bid/library/img/
15 KB
15 KB
Image
General
Full URL
https://creativesrv.bid/library/img/background_content.jpg
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fa1e2abee855d5ae74ac19acb622e5fe8c228f91ac7b8398a82130a0cd6183

Request headers

Referer
https://creativesrv.bid/library/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
"5a2a5976-3ac7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
566b1393088b975a-FRA
content-length
15047
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://creativesrv.bid
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1626953
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 29 Jan 2021 02:11:57 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://creativesrv.bid
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 00:39:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
1459720
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Sun, 31 Jan 2021 00:39:10 GMT
fontawesome-webfont3e6e-v=4.7.0.html
creativesrv.bid/library/fonts/
82 KB
77 KB
Font
General
Full URL
https://creativesrv.bid/library/fonts/fontawesome-webfont3e6e-v=4.7.0.html
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3295b7b7a6279e39a3c639ddb644b98bf3c1111f76152b35d628532c80503c37

Request headers

Referer
https://creativesrv.bid/library/css/style.css
Origin
https://creativesrv.bid
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 16 Dec 2017 04:49:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
status
200
cf-ray
566b13930891975a-FRA
fontawesome-webfont3e6e-v=4.7.0.woff
creativesrv.bid/library/fonts/
96 KB
96 KB
Font
General
Full URL
https://creativesrv.bid/library/fonts/fontawesome-webfont3e6e-v=4.7.0.woff
Requested by
Host: creativesrv.bid
URL: https://creativesrv.bid/library/?sid=Txua6tYcRsM9AfQeS9xlGlT6f16cBnOyjQMStm1KKP6CzSkf3qV5P94WpxudRN2r8LPsG5ioJCH1jAsYBFRaqzZ20RYX6pTdVJAR&fn=Mixing%20Business%20With%20Aviation%20-%20Portsmouth%20Daily%20Times.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://creativesrv.bid/library/css/style.css
Origin
https://creativesrv.bid
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 22:07:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2017 09:20:54 GMT
server
cloudflare
etag
W/"5a2a5976-17ee8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
566b139378fb975a-FRA

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • string| url
  • function| getParameterByName
  • function| start

1 Cookies

Domain/Path Name / Value
.creativesrv.bid/ Name: __cfduid
Value: d6dc4cfc64099429761241adbcec5ae291581977270

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN