URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyl...
Submission: On June 12 via api from BE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6811:7912, located in United States and belongs to CLOUDFLARENET, US. The main domain is news.q8smiles.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 1st 2021. Valid for: a year.
This is the only time news.q8smiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.225.64.65 205149 (COMARCH)
13 3
Domain Requested by
11 news.q8smiles.com news.q8smiles.com
1 api.q8smiles.be news.q8smiles.com
1 fonts.googleapis.com news.q8smiles.com
13 3

This site contains no links.

Subject Issuer Validity Valid
news.q8smiles.com
Cloudflare Inc ECC CA-3
2021-04-01 -
2022-03-31
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-17 -
2021-08-09
3 months crt.sh
*.q8smiles.be
Sectigo RSA Domain Validation Secure Server CA
2021-04-15 -
2022-04-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Frame ID: F81D177356B3CDBDC28B7EED10445E1F
Requests: 13 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

360 kB
Transfer

400 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optiextension.dll
news.q8smiles.com/optiext/
42 KB
6 KB
Document
General
Full URL
https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d5aa117a5065c2b9019ac52316fb26c0107fcc0d2b2f1bbcb2bd0eef245c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
news.q8smiles.com
:scheme
https
:path
/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
content-type
text/html
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
strict-origin
cf-cache-status
DYNAMIC
cf-request-id
0aa19470b200004e448f1bd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65e2bcfabf654e44-FRA
content-encoding
br
css
fonts.googleapis.com/
7 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Jun 2021 09:34:03 GMT
server
ESF
date
Sat, 12 Jun 2021 11:28:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Jun 2021 11:28:53 GMT
fsalbert.css
api.q8smiles.be/b2c/files/
0
0
Stylesheet
General
Full URL
https://api.q8smiles.be/b2c/files/fsalbert.css
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.64.65 , France, ASN205149 (COMARCH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

q8-logo.png
news.q8smiles.com/images/SMC/master_html/
2 KB
3 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/q8-logo.png
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dd0c098c7367443516f8c6e69d0f87304e683f5e327729e68ebfec261f67b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/q8-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
status=not_needed
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
2453
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"2afdf8c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-request-id
0aa194714e00004e44b6875000000001
accept-ranges
bytes
cf-ray
65e2bcfbba064e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
Header_600x290_NL.jpg
news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/
161 KB
161 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Header_600x290_NL.jpg
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903aad275feebe25a3fd14fc36fedd7fdb4ccb27c38f27b7f12debf19d20a05f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Header_600x290_NL.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubdomains
content-length
164723
cf-request-id
0aa194714f00004e44cd8bf000000001
referrer-policy
strict-origin
last-modified
Tue, 01 Jun 2021 12:06:28 GMT
server
cloudflare
etag
"f68298dde56d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
65e2bcfbba094e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
transaction.png
news.q8smiles.com/images/SMC/newsletter/icon-statement/
1010 B
1 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/newsletter/icon-statement/transaction.png
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ca3f4b6b5b0c7ad8bdd5c64f3ce848fe204a8a5838ef74129d0e1e8f2f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/newsletter/icon-statement/transaction.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1753
cf-polished
origSize=1013
last-modified
Mon, 01 Mar 2021 15:44:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
1010
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"7eb067c6b1ed71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-request-id
0aa194716100004e449d23e000000001
accept-ranges
bytes
cf-ray
65e2bcfbca4d4e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
Feature%20Article_550x270.jpg
news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/
119 KB
119 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Feature%20Article_550x270.jpg
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7722ff17337ce1bf8dd163e6c467dfb7ff4f470c7e1d6737a44807102650e5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Feature%20Article_550x270.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1753
cf-polished
origSize=129241
last-modified
Tue, 01 Jun 2021 12:06:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
121423
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cccd7a87de56d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
cf-request-id
0aa194716200004e44ae1c4000000001
accept-ranges
bytes
cf-ray
65e2bcfbca4e4e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
Article%20Large_300x300.jpg
news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/
43 KB
43 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Article%20Large_300x300.jpg
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d4788bfb22b20d1143beef3e27440bb58cd3ddfda50bf73f5ec234792cf4df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/.org/fde66d07-4e60-4c9e-8212-991f7659b7f5/newsletters%20(1)/202106/Article%20Large_300x300.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1753
cf-polished
origSize=45467
last-modified
Tue, 01 Jun 2021 12:06:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
43622
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"78647487de56d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
cf-request-id
0aa194716200004e449a25f000000001
accept-ranges
bytes
cf-ray
65e2bcfbca4f4e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
footer-wave.jpg
news.q8smiles.com/images/SMC/master_html/
20 KB
20 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/footer-wave.jpg
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d79f519f265e6529ae4b53aadf51b173c0dece5c1ede8f713f2ec1edb0166e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/footer-wave.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
origSize=21747
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
20152
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"2adbef8c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
cf-request-id
0aa194716400004e44ca994000000001
accept-ranges
bytes
cf-ray
65e2bcfbca524e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
apple-white-icon.png
news.q8smiles.com/images/SMC/master_html/
307 B
427 B
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/apple-white-icon.png
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462d3f34542e983ffea627f23b8e043ea74d72541decc3fddf3b107e43392d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/apple-white-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
origSize=410
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
307
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"eec5f08c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-request-id
0aa194716500004e44e0149000000001
accept-ranges
bytes
cf-ray
65e2bcfbca554e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
android-white-icon.png
news.q8smiles.com/images/SMC/master_html/
258 B
378 B
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/android-white-icon.png
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78f47c7b78dd19b5b65a3d4b1b9fc3059705c70d97d77d4ef5e03c422855df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/android-white-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
origSize=343
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
258
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"dab0f18c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-request-id
0aa194717500004e44c83c4000000001
accept-ranges
bytes
cf-ray
65e2bcfbeaa84e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
q8-smiles.png
news.q8smiles.com/images/SMC/master_html/
3 KB
3 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/q8-smiles.png
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f10e8924db25d971f0f32739b13a554a1d4632e13710f03be919c5ee4a5389c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/q8-smiles.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
origSize=3103
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
3075
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"bec1f28c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-request-id
0aa194717600004e44b6879000000001
accept-ranges
bytes
cf-ray
65e2bcfbeaad4e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT
header-saldo-bg-white.jpg
news.q8smiles.com/images/SMC/master_html/
3 KB
3 KB
Image
General
Full URL
https://news.q8smiles.com/images/SMC/master_html/header-saldo-bg-white.jpg
Requested by
Host: news.q8smiles.com
URL: https://news.q8smiles.com/optiext/optiextension.dll?ID=tXWtWsPGhxL+nxlHA1LXfAYdm2tfizLzrFQZuom1kj47G8cJAOEh415fO+EkgApkJyllgHZqJy7PEn7ZppEgyrkfreltE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152a258e18c20e51201531e5e35009da43aea79c23f632387974e7166e4d5111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/SMC/master_html/header-saldo-bg-white.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
news.q8smiles.com
referer
https://news.q8smiles.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://news.q8smiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6043
cf-polished
status=not_needed
last-modified
Fri, 26 Feb 2021 09:55:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
2833
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"8c76de8c25cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
cf-request-id
0aa194717700004e44e7300000000001
accept-ranges
bytes
cf-ray
65e2bcfbfab54e44-FRA
expires
Sat, 12 Jun 2021 11:58:53 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block