urlscan.io logo urlscan.io
SecurityTrails logo

www.quicksign.fr Open in urlscan Pro
178.255.129.73  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qsn.to/Og5oLQ
Effective URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7H...
Submission: On January 06 via automatic, source openphish — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 33 HTTP transactions. The main IP is 178.255.129.73, located in Paris, France and belongs to AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR. The main domain is www.quicksign.fr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 20th 2023. Valid for: a year.
This is the only time www.quicksign.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
2 30 178.255.129.73 29605 (AXIANS_CL...)
1 2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
33 4
Apex Domain
Subdomains		 Transfer
29 quicksign.fr
www.quicksign.fr
4 MB
6 aexp-static.com
qwww.aexp-static.com — Cisco Umbrella Rank: 754647
qicm.aexp-static.com — Cisco Umbrella Rank: 471924
43 KB
1 qsn.to
qsn.to
122 B
33 3
Domain Requested by
29 www.quicksign.fr 1 redirects www.quicksign.fr
4 qicm.aexp-static.com www.quicksign.fr
qwww.aexp-static.com
qicm.aexp-static.com
2 qwww.aexp-static.com 1 redirects www.quicksign.fr
1 qsn.to 1 redirects
33 4
Subject Issuer Validity Valid
*.quicksign.fr
Sectigo RSA Domain Validation Secure Server CA		 2023-07-20 -
2024-07-21		 a year crt.sh
qwww.americanexpress.com
DigiCert EV RSA CA G2		 2023-10-27 -
2024-10-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Frame ID: 46E84B2DD5659D96AF3077DE4CAB9416
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

American Express

Page URL History Show full URLs

  1. https://qsn.to/Og5oLQ HTTP 301
    https://www.quicksign.fr/GENERIC_FO/redirect.do?st=Og5oLQ HTTP 302
    https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • aexp-static\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

33
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3636 kB
Transfer

4150 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qsn.to/Og5oLQ HTTP 301
    https://www.quicksign.fr/GENERIC_FO/redirect.do?st=Og5oLQ HTTP 302
    https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js HTTP 301
  • https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02
www.quicksign.fr/GENERIC_FO/
Redirect Chain
  • https://qsn.to/Og5oLQ
  • https://www.quicksign.fr/GENERIC_FO/redirect.do?st=Og5oLQ
  • https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
51 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
ba0afe672ede1be38a524c03a02cdd2aef37f8b75a877addd77c501595804779
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
cache-control
no-cache,no-store,max-age=0
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 02:10:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
No-cache
server
none
strict-transport-security
max-age=31540000
transfer-encoding
chunked
x-content-type-options
: nosniff
x-xss-protection
: 1;mode=block

Redirect headers

Location
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
cache-control
no-cache,no-store,max-age=0
content-length
0
content-type
text/html
date
Sat, 06 Jan 2024 02:10:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
No-cache
server
none
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
x-xss-protection
: 1;mode=block
jquery-3.1.1.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
W/"6103ed1f-152b5"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
bootstrap.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/bootstrap.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
W/"6103ed41-91d2"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
main.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 		502 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-1f6"
content-type
application/javascript
accept-ranges
bytes
content-length
502
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ 		370 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-172"
content-type
text/css
accept-ranges
bytes
content-length
370
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/ 		384 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
"6103ed41-180"
content-type
text/css
accept-ranges
bytes
content-length
384
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 		391 B
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-187"
content-type
text/css
accept-ranges
bytes
content-length
391
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/ 		377 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
"6103ed41-179"
content-type
text/css
accept-ranges
bytes
content-length
377
styles.css
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/ 		800 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
f9a43271398e748acd2e8a1c69e4b46ca5de471374d11bc18a8b1aa6af457444
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Mon, 24 Apr 2023 10:02:28 GMT
server
nginx
etag
"644653b4-320"
content-type
text/css
accept-ranges
bytes
content-length
800
dls.min.css
www.quicksign.fr/css-soa3/AMEX/ 		344 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/css-soa3/AMEX/dls.min.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
05881f9e5c1d5b75296f36a455160938f40dc06066e41e30804655de5eec5495
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
W/"64247d71-55e3c"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
text/css
dls.min.js
www.quicksign.fr/js-soa3/AMEX/ 		118 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/js-soa3/AMEX/dls.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
W/"64247d71-1d655"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
jquery-1.5.2.min.js
www.quicksign.fr/GENERIC_FO/scripts/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Fri, 05 Jan 2024 02:20:34 GMT
server
none
etag
W/"85925-1704421234000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
85925
x-xss-protection
: 1;mode=block
qs-util-1.0.11.js
www.quicksign.fr/js-soa3/lib/qs/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:25 GMT
server
nginx
etag
W/"6103ed21-456b"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
qs-ntp-1.0.4.min.js
www.quicksign.fr/js-soa3/lib/qs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:15:00 GMT
server
nginx
etag
W/"6103ed44-c45"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
qs-event-logger-1.3.0.min.js
www.quicksign.fr/js-soa3/lib/qs/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-event-logger-1.3.0.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:25 GMT
server
nginx
etag
W/"6103ed21-3886"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
jquery-ui.min.js
www.quicksign.fr/GENERIC_FO/scripts/ 		197 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/jquery-ui.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Fri, 05 Jan 2024 02:20:35 GMT
server
none
etag
W/"201658-1704421235000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
201658
x-xss-protection
: 1;mode=block
jquery-ui.min.css
www.quicksign.fr/GENERIC_FO/css/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/css/jquery-ui.min.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Fri, 05 Jan 2024 02:20:34 GMT
server
none
etag
W/"25085-1704421234000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/css
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
25085
x-xss-protection
: 1;mode=block
login.js
www.quicksign.fr/GENERIC_FO/scripts/custom/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/custom/login.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Fri, 05 Jan 2024 02:20:35 GMT
server
none
etag
W/"3431-1704421235000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
3431
x-xss-protection
: 1;mode=block
dls-logo-bluebox-solid.svg
www.quicksign.fr/images-soa3/external/AMEX/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/dls-logo-bluebox-solid.svg
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
W/"6103ed41-962"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
image/svg+xml
Logo_Blue_Card_amex.png
www.quicksign.fr/images-soa3/external/AMEX/cartes/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/cartes/Logo_Blue_Card_amex.png
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
26ae325a4dfa8194bdbf21559089df439754362be5ad38eb2fc3f2477c73dbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Mon, 10 Jan 2022 08:30:09 GMT
server
nginx
etag
"61dbee91-2f1269"
content-type
image/png
accept-ranges
bytes
content-length
3084905
clear.gif
qwww.aexp-static.com/nav/ngn/img/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qwww.aexp-static.com/nav/ngn/img/clear.gif
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:188::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:58 GMT
last-modified
Sat, 01 Feb 2020 02:27:57 GMT
etag
"5e34e22d-2b"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
43
inav_intlEapp.js
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/
Redirect Chain
  • https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
  • https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
Protocol
H2
Server
2a02:26f0:1700:392::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ea9e26164864fd94da9b4e3097139d91ef15ce10ee7edab57bcde1d0f427095

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:58 GMT
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 08:13:37 GMT
etag
"c40-603baebec917c-gzip"
vary
Accept-Encoding,Origin
content-type
application/javascript
accept-ranges
bytes
content-length
1273

Redirect headers

location
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
date
Sat, 06 Jan 2024 02:10:57 GMT
server
AkamaiGHost
content-length
0
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ 		24 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1704507057264
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
b6baa2e72242ba734714aa64b5fc8861c626e53ab82096333d0c7a7e5ec75013
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ 		24 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1704507057288
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
0b91c8e7467f7769c775a62bf94fbd28abb545931c9ab4b61da523de7222820a
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ 		24 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1704507057312
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
1c4a621a58e8057ff88ea279c4b6b1c482d5ab93a6c26a73e6bed3caa7da851f
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e864a6486e4c3495536fece0afa29f970e3522b7a14e3153131230af65cae8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f2dc7871e73693d3077711736405df39186e481a230ba62ea77c6c1f9cbb784

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
BentonSans-Regular.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/BentonSans-Regular.otf
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Origin
https://www.quicksign.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
"6103ed41-b2fc"
content-type
application/octet-stream
accept-ranges
bytes
content-length
45820
HelveticaNeue%20Regular.ttf
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/HelveticaNeue%20Regular.ttf
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
f2d8cf55ad5b917b333bb917219f111f39087511814cf027662fa25f61d00577
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Origin
https://www.quicksign.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
"64247d71-a0dc"
content-type
application/octet-stream
accept-ranges
bytes
content-length
41180
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ 		24 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1704507057346
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
4e8fa553861ed8740dd29071a412d8fb4208144874ff9a56eb9c9901094a62e3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/ 		24 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1704507057379
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
640b1e691ccb59f5770ef084dc49d1326eebdace21d96e4505b53005808fad4e
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
inav_intlEapp.css
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Requested by
Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
53f66044d7356370e82a342254d83c381b8a1ce42ba420195261379f21da4714

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:58 GMT
content-encoding
br
last-modified
Tue, 07 Mar 2023 21:56:42 GMT
server
Akamai Resource Optimizer
etag
"660e-5cfb7cf8adc16-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
3461
AUB7HRCCABNPPG43U2
www.quicksign.fr/GENERIC_FO/rest/bel/ 		44 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/bel/AUB7HRCCABNPPG43U2
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN29605 (AXIANS_CLOUD_SERVICES_PROVIDER 6 boulevard national, FR),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02?id=61859120&token=AUB7HRCCABNPPG43U2
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jan 2024 02:10:57 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
transfer-encoding
chunked
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
application/json
access-control-allow-origin
https://www.quicksign.fr
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
x-xss-protection
: 1;mode=block
iNav_ngi_sprite_footer.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ 		934 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by
Host: qicm.aexp-static.com
URL: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:59 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 10:40:51 GMT
etag
"3a6-5cfb7cf8fba35-gzip"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
302
iNav_ngi_sprite_new.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ 		38 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by
Host: qicm.aexp-static.com
URL: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
083e024a2e338291fd1819373cd6ff56a3fd98202464243ce2e4d27cb24dece3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 10:40:51 GMT
etag
"99eb-5cfb7cf8c2451-gzip"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=2565
accept-ranges
bytes
content-length
37786

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| setListeners function| listenCheckboxConfirm function| webpackHotUpdate object| DLS function| qsLog function| QsMessaging function| QsUtil function| QsNtp string| belToken function| QsEventLogger object| qsEventLogger object| jQuery15206091775479704731 string| msg string| msg_code function| DP_jQuery_1704507057326 function| loadMessages boolean| qsIsSubmitted function| verifierEmail function| verifierFormatEmail boolean| visible function| hideShow string| vEmail string| vDateNaissance string| vEmailErrone object| NAV function| initOmnDefault number| ice function| omn_rmaction function| omn_rmvar function| omn_bpoclick function| omn_bpoimpression function| ctn_rmaction function| ctn_rmvar function| omn_mer_rmaction function| omn_mer_rmleadstart function| omn_mer_rmshare function| omn_mer_rmvidstart function| omn_mer_rmvidcomplete function| omn_mer_trackdownload function| omn_mer_rmvar function| omn_mer_tracklogin function| omn_relatedprodclick function| searchWidgetAction function| searchWidgetError function| searchWidgetFAQAction function| searchWidgetHyperlinkClick function| searchWidgetSearch function| omn_rmdiscuss function| omn_rmfollowcomplete function| omn_rmfollowstart function| omn_rmlogin function| omn_rmprofile function| omn_rmregcomplete function| omn_rmregstart function| omn_rmaddpaybill function| omn_rmaddsscard function| omn_rmeStatement function| t function| tl string| donneesMetier12 object| elementsDonneeMetier12 object| $itag string| itag_pagename string| itag_pmc string| itag_products function| loadErrorMessage function| postDataFlag

1 Cookies

Domain/Path Name / Value
www.quicksign.fr/GENERIC_FO Name: JSESSIONID
Value: qsign-soa3-fo-02~6697C3A0B52AA54138CAB6E5965B88D2.qsign-soa3-fo-02

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qicm.aexp-static.com
qsn.to
qwww.aexp-static.com
www.quicksign.fr
178.255.129.73
2a02:26f0:1700:188::2b19
2a02:26f0:1700:392::2b19
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
05881f9e5c1d5b75296f36a455160938f40dc06066e41e30804655de5eec5495
083e024a2e338291fd1819373cd6ff56a3fd98202464243ce2e4d27cb24dece3
0b91c8e7467f7769c775a62bf94fbd28abb545931c9ab4b61da523de7222820a
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
1c4a621a58e8057ff88ea279c4b6b1c482d5ab93a6c26a73e6bed3caa7da851f
26ae325a4dfa8194bdbf21559089df439754362be5ad38eb2fc3f2477c73dbb8
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
3f2dc7871e73693d3077711736405df39186e481a230ba62ea77c6c1f9cbb784
48e864a6486e4c3495536fece0afa29f970e3522b7a14e3153131230af65cae8
4e8fa553861ed8740dd29071a412d8fb4208144874ff9a56eb9c9901094a62e3
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
53f66044d7356370e82a342254d83c381b8a1ce42ba420195261379f21da4714
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
640b1e691ccb59f5770ef084dc49d1326eebdace21d96e4505b53005808fad4e
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
9ea9e26164864fd94da9b4e3097139d91ef15ce10ee7edab57bcde1d0f427095
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
b6baa2e72242ba734714aa64b5fc8861c626e53ab82096333d0c7a7e5ec75013
ba0afe672ede1be38a524c03a02cdd2aef37f8b75a877addd77c501595804779
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
f2d8cf55ad5b917b333bb917219f111f39087511814cf027662fa25f61d00577
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
f9a43271398e748acd2e8a1c69e4b46ca5de471374d11bc18a8b1aa6af457444