www.quicksign.fr Open in urlscan Pro
178.255.129.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.quicksign.fr/GENERIC_FO/?id=24800287&token=0O424NSITZSE9NMSHC
Effective URL:
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O...
Submission: On February 11 via manual (February 11th 2020, 4:12:05 am UTC) from US

Summary HTTP 54 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 5 domains to perform 54 HTTP transactions. The main IP is 178.255.129.65, located in Nogent-sur-Marne, France and belongs to BCS 32 rue Delizy, FR. The main domain is www.quicksign.fr.
TLS certificate: Issued by GlobalSign Organization Validation CA... on August 7th 2018. Valid for: 2 years.

This is the only time www.quicksign.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 32	178.255.129.65 178.255.129.65	29605 (BCS 32 ru...) (BCS 32 rue Delizy)
5	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
12	2a02:26f0:6c0... 2a02:26f0:6c00:19f::2b19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	63.33.112.209 63.33.112.209	16509 (AMAZON-02) (AMAZON-02)
2	15.188.105.205 15.188.105.205	16509 (AMAZON-02) (AMAZON-02)
1	139.71.18.163 139.71.18.163	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
54	6

32 178.255.129.65 (Nogent-sur-Marne, France) 1 redirects

ASN29605 (BCS 32 rue Delizy, FR)
PTR: www.quicksign.fr

www.quicksign.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:6c00:19f::2b19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

qwww.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.33.112.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.18.163 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv42.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	quicksign.fr 1 redirects www.quicksign.fr	299 KB
12	aexp-static.com qwww.aexp-static.com	117 KB
5	ensighten.com nexus.ensighten.com	23 KB
4	demdex.net 1 redirects dpm.demdex.net	5 KB
3	americanexpress.com omns.americanexpress.com gct.americanexpress.com	5 KB
54	5

	Domain	Requested by
32	www.quicksign.fr	1 redirects www.quicksign.fr
12	qwww.aexp-static.com	www.quicksign.fr nexus.ensighten.com qwww.aexp-static.com
5	nexus.ensighten.com	www.quicksign.fr nexus.ensighten.com qwww.aexp-static.com
4	dpm.demdex.net	1 redirects qwww.aexp-static.com
2	omns.americanexpress.com	qwww.aexp-static.com
1	gct.americanexpress.com
54	6

This site contains links to these domains. Also see Links.

Domain
qwww.americanexpress.com
www.americanexpress.com
e2sglobal.americanexpress.com
www.facebook.com
icm.americanexpress.com
qbusiness.americanexpress.com
americanexpress-fr.custhelp.com
www.votrecarteauquotidien.fr
www209.americanexpress.com
qwww316.americanexpress.com
www.assurances.americanexpress.fr
careers.americanexpress.com

Subject Issuer	Validity	Valid
*.quicksign.fr GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-07` - `2020-10-19`	2 years	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2019-10-03` - `2020-10-02`	a year	crt.sh
qwww.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2020-01-24` - `2022-04-28`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
omns.americanexpress.com DigiCert SHA2 Secure Server CA	`2020-02-06` - `2022-02-10`	2 years	crt.sh
gctv42.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2018-06-07` - `2020-06-11`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Frame ID: 2466282EACD215289270DABF3FB03E44
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express

Page URL History Show full URLs

http://www.quicksign.fr/GENERIC_FO/?id=24800287&token=0O424NSITZSE9NMSHC HTTP 302
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

54
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

5
Countries

447 kB
Transfer

1180 kB
Size

1
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://qwww.americanexpress.com/fr/

Search URL Search Domain Scan URL

URL: https://qwww.americanexpress.com/change-country/?inav=fr_utility_choosecountry
Title: Autres pays

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/contact.html?inav=fr_utility_contact_cm
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://e2sglobal.americanexpress.com/myca/intl/acctsumm/emea/accountSummary.do?request_type=&Face=fr_FR&page=PR&intlink=seconnecter_myca&inav=fr_utility_login
Title: Se connecter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressFrance

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/avantages-carte-haut-de-gamme/?inav=fr_sitefooter_allcards
Title: Cartes pour les particuliers

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-paiement-flying-blue/?inav=fr_sitefooter_afcards
Title: Cartes AIR FRANCE KLM - AMEX

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/adherents-club-fnac/?inav=fr_sitefooter_premium
Title: Les offres adhérents Club Fnac

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-business/?inav=fr_sitefooter_sbscards
Title: Cartes Business

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-business/cartes-pro-air-france/?inav=fr_sitefooter_cardspro
Title: Cartes PRO

Search URL Search Domain Scan URL

URL: https://qbusiness.americanexpress.com/fr?inav=fr_sitefooter_corpcards
Title: Cartes Corporate

Search URL Search Domain Scan URL

URL: https://americanexpress-fr.custhelp.com/cgi-bin/americanexpress_fr.cfg/php/enduser/std_adp.php?p_sid=gEOQCJTk&p_accessibility=&p_redirect=&p_search_text=vol&p_widx=1&p_faqid=307&p_topview=1&inav=fr_sitefooter_stolencards
Title: Carte perdue ou volée

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/merchant/help-pin-express-card.html?inav=fr_sitefooter_pin
Title: Code confidentiel

Search URL Search Domain Scan URL

URL: https://www.votrecarteauquotidien.fr/ou-utiliser-votre-carte?inav=fr_sitefooter_coverage
Title: Où utiliser votre carte ?

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/marketing-data-intl/emea/fr_FR/merchant/home?inav=fr_sitefooter_merchants
Title: Espace commerçants

Search URL Search Domain Scan URL

URL: https://qwww.americanexpress.com/france/services-en-ligne-et-mobile/?page=CM&inav=fr_sitefooter_myca#services-en-ligne
Title: Services en ligne et mobile

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/benefits/additional-cards.html?inav=fr_sitefooter_supp
Title: Carte supplémentaire

Search URL Search Domain Scan URL

URL: https://qwww316.americanexpress.com/iFormsSecure/un/iforms.do?cuid=emgmUpliftMGMER_fr_FR&evtsrc=link&evttype=0&mgmerSource=mgmerHub&page=pr&inav=fr_sitefooter_mgm
Title: Parrainage de carte

Search URL Search Domain Scan URL

URL: https://www.assurances.americanexpress.fr/?page=PR&inav=fr_sitefooter_insurance
Title: Assurances

Search URL Search Domain Scan URL

URL: http://americanexpress-fr.custhelp.com/cgi-bin/americanexpress_fr.cfg/php/enduser/ps_landing_page.php?page=CM&inav=fr_sitefooter_faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/about-american-express.html?inav=fr_sitefooter_aboutamex
Title: A propos d'American Express

Search URL Search Domain Scan URL

URL: https://careers.americanexpress.com/LangHome?lang=fr&inav=fr_sitefooter_careers
Title: Emploi et Carrières

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/press.html?inav=fr_sitefooter_press
Title: Espace Presse

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/contact.html?inav=fr_sitefooter_contact_pr
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/site-map.html?inav=fr_sitefooter_sitemap
Title: Plan du site

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/trademarks.html?inav=fr_legalfooter_trademark
Title: Marques déposées

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/terms-and-conditions.html?inav=fr_legalfooter_termsofuse
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/privacy.html?inav=fr_legalfooter_privacy
Title: Protection des données

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/security.html?inav=fr_legalfooter_securityalerts
Title: Sécurité

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/
Title: American Express Company

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.quicksign.fr/GENERIC_FO/?id=24800287&token=0O424NSITZSE9NMSHC HTTP 302
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03 Show response
www.quicksign.fr/GENERIC_FO/
Redirect Chain

http://www.quicksign.fr/GENERIC_FO/?id=24800287&token=0O424NSITZSE9NMSHC
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

44 KB
10 KB

219ms
133ms

Document
text/html

178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

741511f68ced3e60fbb295a2706164a754222d81ea76615575b82cff80adfb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Host: www.quicksign.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Server: Apache
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9038
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

Redirect headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Server: Apache
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Set-Cookie: JSESSIONID=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03; Path=/GENERIC_FO; Secure; HttpOnly
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 85 KB
30 KB 30ms
29ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 30080
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "152b5-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK bootstrap.min.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 36 KB
10 KB 108ms
26ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/bootstrap.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 9921
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "91d2-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK main.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 502 B
1 KB 124ms
25ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 275
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1f6-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=146

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ 370 B
924 B 72ms
25ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 187
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "172-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/ 384 B
927 B 76ms
25ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 190
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "180-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 391 B
928 B 77ms
26ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 191
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "187-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/ 377 B
926 B 77ms
25ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 189
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "179-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK bootstrap.min.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 119 KB
20 KB 80ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/bootstrap.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

4608ca554569d7240ee2dc760fe599d88519aacf7f5e928c17c720a5e572784a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 20119
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1dd77-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK bootstrap-theme.min.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 24 KB
4 KB 80ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/bootstrap-theme.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

83f8fc95267b9268a14e26952e5f0c0a9d272d7cbe2bccc67c3898663fe6535b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 2867
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "5f5a-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK style.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 7 KB
3 KB 98ms
25ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/style.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

cbaaf957e7584cf1a903a2a673e2451c56c1deb18d09efa353450cf563b64bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1844
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1de4-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK tablette.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 130 B
837 B 103ms
26ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/tablette.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

357d43352c7b0cebd8f681f663d3f1a28ef0595bdcb42e3ce9ba13ec0dcaa648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 101
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "82-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK mobile.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 793 B
1 KB 103ms
25ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/mobile.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

b7f1d22566bf99ea752033ae7411efe765f100a255e1355d8c508e9027cf1447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 348
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "319-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK jquery-1.5.2.min.js Show response
www.quicksign.fr/GENERIC_FO/scripts/ 84 KB
30 KB 128ms
30ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 29910
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"85925-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK qs-util-1.0.11.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 17 KB
6 KB 129ms
26ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5132
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "456b-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK qs-ntp-1.0.4.min.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 3 KB
2 KB 129ms
26ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1447
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "c45-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK qs-event-logger-1.3.0.min.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 14 KB
6 KB 130ms
25ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-event-logger-1.3.0.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5203
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "3886-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.quicksign.fr/GENERIC_FO/scripts/ 197 KB
52 KB 149ms
34ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/jquery-ui.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 51997
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"201658-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK jquery-ui.min.css
www.quicksign.fr/GENERIC_FO/css/ 24 KB
5 KB 104ms
27ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/css/jquery-ui.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 11 Feb 2020 04:11:48 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 4599
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"25085-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK login.js Show response
www.quicksign.fr/GENERIC_FO/scripts/custom/ 3 KB
2 KB 150ms
27ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/custom/login.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1120
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"3431-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=145

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/amex/intl_amexhead-qa/ 63 KB
19 KB 120ms
51ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 17b28eb5752db25158a863c66a9518bda1b3e97e242c2d691b8eedc5cfc20503

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:48 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 21:45:44 GMT
server: nginx
etag: W/"5e30ab88-fb6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET
H2 200 inav_intlEapp.css
qwww.aexp-static.com/nav/ngn/css/ 21 KB
4 KB 362ms
66ms Stylesheet
text/css 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 070216208c96ea83fb1f8ad109d44508c9ef2121b97519abb35d986612bea573

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: W/"5e34e22d-5398"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3590
expires: Sat, 01 Aug 2020 21:32:12 GMT

GET
H2 200 btnSpriteStyles.css
qwww.aexp-static.com/nav/ngn/css/ 20 KB
3 KB 362ms
67ms Stylesheet
text/css 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/css/btnSpriteStyles.css
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: af9a520ece32f82864c7e73a511d6ccb53778132a22218801067431679fc01de

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: W/"5e34e22d-51dc"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3357
expires: Sat, 01 Aug 2020 19:45:05 GMT

GET
H2 200 logo_bluebox.gif
qwww.aexp-static.com/nav/ngn/img/ 4 KB
5 KB 363ms
68ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/logo_bluebox.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
last-modified: Sat, 01 Feb 2020 02:31:45 GMT
etag: "5e34e311-1148"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4424
expires: Sun, 02 Aug 2020 01:47:16 GMT

GET
H/1.1 200
OK af_klm_gold_di_160x101.png
www.quicksign.fr/images-soa3/external/AMEX/cartes/ 13 KB
14 KB 26ms
25ms Image
image/png 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/cartes/af_klm_gold_di_160x101.png

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

1e9508ea625050b0cf95c80c61634286bc8b66555726d4cec9a0f144f093a74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "33a5-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 13221
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK ico-faq.svg
www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ 1 KB
2 KB 26ms
26ms Image
image/svg+xml 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ico-faq.svg

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

8ba6bca834293efbdb1a8880dd911d2b1cb226dc30492bf19feb622cf99ab2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "564-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 1380
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK ico-tel.svg
www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ 768 B
1 KB 27ms
27ms Image
image/svg+xml 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ico-tel.svg

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

2ba921028f435a137dfb25cb49776a06b0ff7487dea2511991f8ff9f0c488e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "300-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 768
Keep-Alive: timeout=5, max=146

GET
H2 200 clear.gif
qwww.aexp-static.com/nav/ngn/img/ 43 B
218 B 180ms
68ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/clear.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-2b"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 03 Aug 2020 04:32:34 GMT

GET
H2 200 inav_intlEapp.js Show response
qwww.aexp-static.com/nav/ngn/js/ 6 KB
2 KB 207ms
67ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 03f8ccd1bb7c4b08691066c6ce667662a0eb414d7a64a45adce3bda3501834b2

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:31:45 GMT
etag: W/"5e34e311-1942"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 1864
expires: Sat, 01 Aug 2020 20:46:19 GMT

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 27ms
27ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581394309030

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

c061c740c6baa5171fbc1b96feba01a6fd0a29f9d8e8a37bed856b1e872b10db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 27ms
27ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581394309059

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

1d16cba2d9ad2672b2935e0e5c04ac8b2307a9560e4dbb0f1df47afdbc35124b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=147

GET
H2 200 visitorAPI-intl.js Show response
qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/ 59 KB
20 KB 174ms
71ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 72d285d6474c89f7076927508b7556b83b1017f29ee4f59c12ccaaa4d1040666

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 23:33:39 GMT
etag: W/"5e2638d3-ec6b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 19799
expires: Sun, 19 Jul 2020 23:14:38 GMT

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 27ms
26ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581394309087

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

56b5d89bd8daac91e4dd98f3e79e1078cc7f9f3c06143313a9e0aa53c6ab6ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=146

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 27ms
27ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581394309115

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

e0c47780b1dfab5b7ceb09a1508ee652a8b950391eb3481ef9fcdc6cf63ebe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=145

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 27ms
26ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581394309142

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

5d4369152598dfe8058abbe2e8b84345f18d07e4ceb1dcc4fc3330b8e3a334e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=144

GET
H2 200 iNav_ngi_sprite_new.gif
qwww.aexp-static.com/nav/ngn/img/ 23 KB
23 KB 27ms
27ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-5b47"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 23367
expires: Sat, 01 Aug 2020 22:28:08 GMT

GET
H2 200 img_shdw_mainNav.png
qwww.aexp-static.com/nav/ngn/img/ 143 B
319 B 26ms
26ms Image
image/png 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-8f"
content-type: image/png
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 143
expires: Sat, 01 Aug 2020 22:09:00 GMT

GET
H/1.1 200
OK BentonSans-Regular.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 45 KB
45 KB 26ms
25ms Font
application/octet-stream 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/BentonSans-Regular.otf

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "b2fc-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 45820
Keep-Alive: timeout=5, max=143

GET
H2 200 Bootstrap.js Show response
qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/ 66 KB
20 KB 32ms
32ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6a906b76a40112249eb0a594415b6a41c0fd3339395035126e632fe4886556e4

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 18:25:52 GMT
etag: W/"5de7fa30-106b5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 19727
expires: Thu, 04 Jun 2020 06:29:12 GMT

GET
H2 200 iNav_ngi_sprite_footer.gif
qwww.aexp-static.com/nav/ngn/img/ 934 B
1 KB 29ms
29ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-3a6"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 934
expires: Sun, 02 Aug 2020 03:03:39 GMT

GET
H/1.1 200
OK BentonSans-Bold.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ 45 KB
46 KB 26ms
25ms Font
application/octet-stream 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/BentonSans-Bold.otf

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

40c72a6fd5e6614a6d3f66b91c914482e13e34778df553a05f3c5dfcc817e139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "b434-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 46132
Keep-Alive: timeout=5, max=145

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/amex/intl_amexhead-qa/ 181 B
323 B 50ms
50ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DE3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03%3Fid%3D24800287%26token%3D0O424NSITZSE9NMSHC%26ensMarket%3D%26ens_env%3D2
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf77fb4b01e16efd14ced00a404c5a59a8d547a6a8a573a276898637d1d8a132

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 11 Feb 2020 04:11:49 GMT
cache-control: no-cache, no-store
expires: Tue, 11 Feb 2020 04:11:48 GMT
server: nginx
content-length: 181
content-type: text/javascript

GET
H2 200 gct.js Show response
qwww.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 15 KB
4 KB 17ms
17ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct.js?gct=Intl
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4505ed3cb1eef57601c232a71fa2c81139511b5ba1ee20a2198816a89dbf3b7a

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 10:05:16 GMT
etag: W/"5e3158dc-3b74"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3762
expires: Mon, 27 Jul 2020 10:19:40 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/amex/ 389 B
531 B 434ms
434ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DE3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03%3Fid%3D24800287%26token%3D0O424NSITZSE9NMSHC%26ensMarket%3Dfr_fr%26ens_env%3D2%26e_pageId%3D22516%26deviceType%3Dlarge
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b836f24c753e771cfc315ffb871bde9b9c2e2d4e04ef8438f039af93d2ef574a

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 11 Feb 2020 04:11:49 GMT
cache-control: no-cache, no-store
expires: Tue, 11 Feb 2020 04:11:48 GMT
server: nginx
content-length: 389
content-type: text/javascript

GET
H2 200 48e6f477c1f0b741cd851153449f4d5e.js Show response
nexus.ensighten.com/amex/prod/code/ 10 KB
2 KB 33ms
33ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/prod/code/48e6f477c1f0b741cd851153449f4d5e.js?conditionId0=181141
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1753b93cd7afd17615b1ed1851776005ddbea12ab98b23655b796d81cc31873c

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Wed, 15 Jan 2020 20:44:37 GMT
server: nginx
etag: W/"5e1f79b5-26b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 5f7e2e7c7a153aeab2e9a38a8a68e8f5.js Show response
nexus.ensighten.com/amex/prod/code/ 7 KB
1022 B 33ms
33ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/prod/code/5f7e2e7c7a153aeab2e9a38a8a68e8f5.js?conditionId0=4854943
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8edd02111db885fbd38ed7e12821b108a057e1b07395f4309aff639d5788f973

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 00:05:57 GMT
server: nginx
etag: W/"5cfef065-1c5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

POST
H/1.1 200
OK 0O424NSITZSE9NMSHC Show response
www.quicksign.fr/GENERIC_FO/rest/bel/ 44 B
805 B 113ms
113ms XHR
application/json 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/bel/0O424NSITZSE9NMSHC

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Origin: https://www.quicksign.fr
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 11 Feb 2020 04:11:49 GMT
Server: Apache
ADRUM_0: g:8b3665ff-96e6-40e0-bd0c-e956615ea5e6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ADRUM_2: i:10189
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
ADRUM_1: n:customer1_e69b0123-b3e5-47a3-baa8-755983273e1a
Content-Type: application/json
Access-Control-Allow-Origin: *
ADRUM_3: s:f
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Keep-Alive: timeout=5, max=144

GET
H2 200 s_code_global_context.js Show response
qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/ 105 KB
36 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/s_code_global_context.js
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6a0923ce34c95410c9c39095ca28c256bc7d8f124bceb02aa222cf293f093be3

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 04:11:49 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 22:26:25 GMT
etag: W/"5e262911-1a51f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 36158
expires: Sun, 19 Jul 2020 22:37:03 GMT

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285

0
-1 B

115ms
29ms

XHR

63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285
X-TID: rg55QG2LTJA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.quicksign.fr
X-TID: rg55QG2LTJA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 4 KB
2 KB 32ms
31ms XHR
application/json 63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581394311285

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

355914e815857f7ef53756dad70d6aa88f4f432d3009eae8a5115e8c9742bdfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v059-044f5cfa6.edge-irl1.demdex.com 5.65.0.20200204084552 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 4GRtXvXASKg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1369
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 id Show response
omns.americanexpress.com/ 90 B
635 B 105ms
27ms XHR
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=39939541105517555473118299052899757845&ts=1581394311436

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

73a0295e67a741bf171baacd6322a3938d7ac895d581ef352083fbe967a5b487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Tue, 11 Feb 2020 04:11:51 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5d944dff5f-gx2wc
vary: Origin
x-c: master-1135.I1e15b2.M0-337
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.quicksign.fr
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript
content-length: 90
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 31ms
31ms XHR
application/json 63.33.112.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=39939541105517555473118299052899757845&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012F2114C38515B9A6-60000AFD25FFCAE6&ts=1581394311543

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.112.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-112-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e459f65815ac4b3713ef4cc740eca534b0c5889d4309d2a59db5ec907711882c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v059-0a86267ef.edge-irl1.demdex.com 5.65.0.20200204084552 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: RYJpwHW2Sgs=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1371
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s52561392403498 Show response
omns.americanexpress.com/b/ss/amexpressdev,amexpressenterprisedev/10/JS-2.17.0/ 4 KB
4 KB 52ms
52ms Script
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressdev,amexpressenterprisedev/10/JS-2.17.0/s52561392403498?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=11%2F1%2F2020%205%3A11%3A51%202%20-60&d.&nsid=15&jsonv=1&.d&mid=39939541105517555473118299052899757845&aid=2F2114C38515B9A6-60000AFD25FFCAE6&aamlh=6&ce=UTF-8&ns=1americanexpress&fpCookieDomainPeriods=2&pageName=FR%7CAMEX%7CAcq%7CICSS%7CCONSUMER%7CBasic%7CReconnection-eSign&g=https%3A%2F%2Fwww.quicksign.fr%2Fgeneric_fo%2Flogin.do%3Bjsessionid%3De3434af1a9d5a91a98ae1d3d88ed788f.qsign-app03%3Fid%3D24800287%26token%3D0o424nsitzse9nmshc&c.&omn.&productID=FR%3AICSS%3AE57&pagename=CONSUMER%7CBasic%7CReconnection-eSign&hierarchy=FR%7CAMEX%7CAcq%7CICSS&language=fr&newpagename=yes&pmc=E57&products=FR%3AICSS%3AE57&events=event105&ReqId=11438&PageId=22516&rwd=rwd&itagerror=%20omn.pcnnumber%20is%20missing%20omn.zipcode%20is%20missing&visitorCheck=VisitorAPI%20Present&itagexists=yes&gvs=1&etwidth=1600&etheight=1200&etratio=0.75&etorientation=landscape&.omn&.c&cc=USD&server=www.quicksign.fr&events=event105&products=%3BFR%3AICSS%3AE57&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=FR%7CAMEX%7CAcq%7CICSS&c3=fr&c4=FR&v22=D%3Dgctrac&c48=D%3Dgctrac&c49=ENS-Acq%20r23.0.0-AM%3A2.17.0-VISID%3A4.4.0-DIL%3A9.3-Mbox%3ANA-CSVisID%3Afalse-msuite%3Atrue-IHC%3Afalse&v65=D%3Domnmycademo&c67=D%3Dmrcards&v67=D%3Dmrcards&c75=npn&v94=D%3Dagent-id&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/s_code_global_context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8494b003b52c3f14cfb181399efe9bf076507f8093b1d8a7f0800be7fae1e835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-aam-tid: HmCmKSQxQkw=
date: Tue, 11 Feb 2020 04:11:51 GMT
x-content-type-options: nosniff
x-c: master-1135.I1e15b2.M0-337
p3p: CP="This is not a P3P policy"
status: 200
content-length: 3785
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v059-0711c09d9.edge-irl1.demdex.com 5.65.0.20200204084552 5ms (+1ms)
pragma: no-cache
last-modified: Wed, 12 Feb 2020 04:11:51 GMT
server: jag
xserver: anedge-5d944dff5f-2vn55
etag: 3396018423998021632-4619821174065542614
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 10 Feb 2020 04:11:51 GMT

GET
H/1.1 200
OK LogEvent.do
gct.americanexpress.com/gct/ 0
264 B 579ms
154ms Image
text/plain 139.71.18.163
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gct.americanexpress.com/gct/LogEvent.do?errCode%3DTimeout%26pageURL%3Dhttps%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DE3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03%3Fid%3D24800287%26token%3D0O424NSITZSE9NMSHC%40%40itag_pcnnumber%3Dundefined%40%40itag_pagename%3DCONSUMER%7CBasic%7CReconnection-eSign%40%40itag_products%3DFR%3AICSS%3AE57%40%40itag_events%3Dundefined%40%40omn.pcnnumber%3D%40%40omn.pagename%3DCONSUMER%7CBasic%7CReconnection-eSign%40%40omn.products%3DFR%3AICSS%3AE57%40%40omn.events%3Devent105undefined%26js_source%3Dcdaas_gctIntl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.18.163 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: gctv42.americanexpress.com
Software: / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 11 Feb 2020 04:12:00 GMT
Connection: keep-alive
X-Powered-By: Undertow/1
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.quicksign.fr/GENERIC_FO	1969-12-31 23:59:59	Name: JSESSIONID Value: 66CDAFD1069D683AE47D86DF4E1DCB4B.qsign-app03

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js(Line 3) Message: [QS NTP] Starting synchronization using this server URL: /GENERIC_FO/rest/time/current/iso (5 sync requests will be sent)
console-api	log	URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js(Line 579) Message: [QS Event Logger] New event registered: {"time":"2020-02-11T04:11:49.031Z","timeSynchronized":false,"origin":"web-fo","type":"pageDisplay","properties":{"htmlPageTitle":"American Express","pageId":"pageReconnexion"}}
console-api	log	URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC(Line 913) Message: [object Object]
console-api	warning	URL: https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js(Line 2) Message: jQuery.Deferred exception: $(...).on is not a function TypeError: $(...).on is not a function at listenCheckboxConfirm (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:11:18) at setListeners (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:7:2) at HTMLDocument.<anonymous> (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:2:2) at j (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js:2:29948) at k (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js:2:30262) undefined
console-api	log	URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=E3434AF1A9D5A91A98AE1D3D88ED788F.qsign-app03?id=24800287&token=0O424NSITZSE9NMSHC(Line 904) Message: success

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dpm.demdex.net
gct.americanexpress.com
nexus.ensighten.com
omns.americanexpress.com
qwww.aexp-static.com
www.quicksign.fr
139.71.18.163
15.188.105.205
178.255.129.65
18.195.42.228
2a02:26f0:6c00:19f::2b19
63.33.112.209
03f8ccd1bb7c4b08691066c6ce667662a0eb414d7a64a45adce3bda3501834b2
070216208c96ea83fb1f8ad109d44508c9ef2121b97519abb35d986612bea573
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
1753b93cd7afd17615b1ed1851776005ddbea12ab98b23655b796d81cc31873c
17b28eb5752db25158a863c66a9518bda1b3e97e242c2d691b8eedc5cfc20503
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
1d16cba2d9ad2672b2935e0e5c04ac8b2307a9560e4dbb0f1df47afdbc35124b
1e9508ea625050b0cf95c80c61634286bc8b66555726d4cec9a0f144f093a74a
2ba921028f435a137dfb25cb49776a06b0ff7487dea2511991f8ff9f0c488e6b
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
355914e815857f7ef53756dad70d6aa88f4f432d3009eae8a5115e8c9742bdfa
357d43352c7b0cebd8f681f663d3f1a28ef0595bdcb42e3ce9ba13ec0dcaa648
40c72a6fd5e6614a6d3f66b91c914482e13e34778df553a05f3c5dfcc817e139
4505ed3cb1eef57601c232a71fa2c81139511b5ba1ee20a2198816a89dbf3b7a
4608ca554569d7240ee2dc760fe599d88519aacf7f5e928c17c720a5e572784a
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
56b5d89bd8daac91e4dd98f3e79e1078cc7f9f3c06143313a9e0aa53c6ab6ca1
5d4369152598dfe8058abbe2e8b84345f18d07e4ceb1dcc4fc3330b8e3a334e9
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
6a0923ce34c95410c9c39095ca28c256bc7d8f124bceb02aa222cf293f093be3
6a906b76a40112249eb0a594415b6a41c0fd3339395035126e632fe4886556e4
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
72d285d6474c89f7076927508b7556b83b1017f29ee4f59c12ccaaa4d1040666
73a0295e67a741bf171baacd6322a3938d7ac895d581ef352083fbe967a5b487
741511f68ced3e60fbb295a2706164a754222d81ea76615575b82cff80adfb54
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
83f8fc95267b9268a14e26952e5f0c0a9d272d7cbe2bccc67c3898663fe6535b
8494b003b52c3f14cfb181399efe9bf076507f8093b1d8a7f0800be7fae1e835
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ba6bca834293efbdb1a8880dd911d2b1cb226dc30492bf19feb622cf99ab2f1
8edd02111db885fbd38ed7e12821b108a057e1b07395f4309aff639d5788f973
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
af9a520ece32f82864c7e73a511d6ccb53778132a22218801067431679fc01de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
b7f1d22566bf99ea752033ae7411efe765f100a255e1355d8c508e9027cf1447
b836f24c753e771cfc315ffb871bde9b9c2e2d4e04ef8438f039af93d2ef574a
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
bf77fb4b01e16efd14ced00a404c5a59a8d547a6a8a573a276898637d1d8a132
c061c740c6baa5171fbc1b96feba01a6fd0a29f9d8e8a37bed856b1e872b10db
cbaaf957e7584cf1a903a2a673e2451c56c1deb18d09efa353450cf563b64bec
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
e0c47780b1dfab5b7ceb09a1508ee652a8b950391eb3481ef9fcdc6cf63ebe6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e459f65815ac4b3713ef4cc740eca534b0c5889d4309d2a59db5ec907711882c
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454

www.quicksign.fr Open in urlscan Pro 178.255.129.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

6 IPs

5 Countries

447 kBTransfer

1180 kBSize

1 Cookies

30 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.quicksign.fr Open in urlscan Pro
178.255.129.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

5
Countries

447 kB
Transfer

1180 kB
Size

1
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!