www.quicksign.fr Open in urlscan Pro
178.255.129.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.quicksign.fr/GENERIC_FO/?id=24867187&token=LFA2ECU8052BXNGDVU
Effective URL:
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LF...
Submission: On February 13 via manual (February 13th 2020, 12:57:50 pm UTC) from BR

Summary HTTP 54 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 5 domains to perform 54 HTTP transactions. The main IP is 178.255.129.65, located in Nogent-sur-Marne, France and belongs to BCS 32 rue Delizy, FR. The main domain is www.quicksign.fr.
TLS certificate: Issued by GlobalSign Organization Validation CA... on August 7th 2018. Valid for: 2 years.

This is the only time www.quicksign.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 32	178.255.129.65 178.255.129.65	29605 (BCS 32 ru...) (BCS 32 rue Delizy)
5	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
12	2a02:26f0:6c0... 2a02:26f0:6c00:19f::2b19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	63.35.240.22 63.35.240.22	16509 (AMAZON-02) (AMAZON-02)
2	15.188.105.205 15.188.105.205	16509 (AMAZON-02) (AMAZON-02)
1	139.71.50.190 139.71.50.190	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
54	6

32 178.255.129.65 (Nogent-sur-Marne, France) 1 redirects

ASN29605 (BCS 32 rue Delizy, FR)
PTR: www.quicksign.fr

www.quicksign.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:6c00:19f::2b19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

qwww.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.35.240.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.50.190 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: gctv4-r2.americanexpress.com

gct.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	quicksign.fr 1 redirects www.quicksign.fr	299 KB
12	aexp-static.com qwww.aexp-static.com	117 KB
5	ensighten.com nexus.ensighten.com	23 KB
4	demdex.net 1 redirects dpm.demdex.net	5 KB
3	americanexpress.com omns.americanexpress.com gct.americanexpress.com	5 KB
54	5

	Domain	Requested by
32	www.quicksign.fr	1 redirects www.quicksign.fr
12	qwww.aexp-static.com	www.quicksign.fr nexus.ensighten.com qwww.aexp-static.com
5	nexus.ensighten.com	www.quicksign.fr nexus.ensighten.com qwww.aexp-static.com
4	dpm.demdex.net	1 redirects www.quicksign.fr qwww.aexp-static.com
2	omns.americanexpress.com	qwww.aexp-static.com
1	gct.americanexpress.com
54	6

This site contains links to these domains. Also see Links.

Domain
qwww.americanexpress.com
www.americanexpress.com
e2sglobal.americanexpress.com
www.facebook.com
icm.americanexpress.com
qbusiness.americanexpress.com
americanexpress-fr.custhelp.com
www.votrecarteauquotidien.fr
www209.americanexpress.com
qwww316.americanexpress.com
www.assurances.americanexpress.fr
careers.americanexpress.com

Subject Issuer	Validity	Valid
*.quicksign.fr GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-07` - `2020-10-19`	2 years	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2019-10-03` - `2020-10-02`	a year	crt.sh
qwww.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2020-01-24` - `2022-04-28`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
omns.americanexpress.com DigiCert SHA2 Secure Server CA	`2020-02-06` - `2022-02-10`	2 years	crt.sh
gctv4-r2.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2019-05-10` - `2021-05-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Frame ID: 77E6EDD2755C295EDF050170167E6264
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.quicksign.fr/GENERIC_FO/?id=24867187&token=LFA2ECU8052BXNGDVU HTTP 302
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

54
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

5
Countries

447 kB
Transfer

1180 kB
Size

3
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://qwww.americanexpress.com/fr/

Search URL Search Domain Scan URL

URL: https://qwww.americanexpress.com/change-country/?inav=fr_utility_choosecountry
Title: Autres pays

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/contact.html?inav=fr_utility_contact_cm
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://e2sglobal.americanexpress.com/myca/intl/acctsumm/emea/accountSummary.do?request_type=&Face=fr_FR&page=PR&intlink=seconnecter_myca&inav=fr_utility_login
Title: Se connecter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanExpressFrance

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/avantages-carte-haut-de-gamme/?inav=fr_sitefooter_allcards
Title: Cartes pour les particuliers

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-paiement-flying-blue/?inav=fr_sitefooter_afcards
Title: Cartes AIR FRANCE KLM - AMEX

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/adherents-club-fnac/?inav=fr_sitefooter_premium
Title: Les offres adhérents Club Fnac

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-business/?inav=fr_sitefooter_sbscards
Title: Cartes Business

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/cartes-business/cartes-pro-air-france/?inav=fr_sitefooter_cardspro
Title: Cartes PRO

Search URL Search Domain Scan URL

URL: https://qbusiness.americanexpress.com/fr?inav=fr_sitefooter_corpcards
Title: Cartes Corporate

Search URL Search Domain Scan URL

URL: https://americanexpress-fr.custhelp.com/cgi-bin/americanexpress_fr.cfg/php/enduser/std_adp.php?p_sid=gEOQCJTk&p_accessibility=&p_redirect=&p_search_text=vol&p_widx=1&p_faqid=307&p_topview=1&inav=fr_sitefooter_stolencards
Title: Carte perdue ou volée

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/merchant/help-pin-express-card.html?inav=fr_sitefooter_pin
Title: Code confidentiel

Search URL Search Domain Scan URL

URL: https://www.votrecarteauquotidien.fr/ou-utiliser-votre-carte?inav=fr_sitefooter_coverage
Title: Où utiliser votre carte ?

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/marketing-data-intl/emea/fr_FR/merchant/home?inav=fr_sitefooter_merchants
Title: Espace commerçants

Search URL Search Domain Scan URL

URL: https://qwww.americanexpress.com/france/services-en-ligne-et-mobile/?page=CM&inav=fr_sitefooter_myca#services-en-ligne
Title: Services en ligne et mobile

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/benefits/additional-cards.html?inav=fr_sitefooter_supp
Title: Carte supplémentaire

Search URL Search Domain Scan URL

URL: https://qwww316.americanexpress.com/iFormsSecure/un/iforms.do?cuid=emgmUpliftMGMER_fr_FR&evtsrc=link&evttype=0&mgmerSource=mgmerHub&page=pr&inav=fr_sitefooter_mgm
Title: Parrainage de carte

Search URL Search Domain Scan URL

URL: https://www.assurances.americanexpress.fr/?page=PR&inav=fr_sitefooter_insurance
Title: Assurances

Search URL Search Domain Scan URL

URL: http://americanexpress-fr.custhelp.com/cgi-bin/americanexpress_fr.cfg/php/enduser/ps_landing_page.php?page=CM&inav=fr_sitefooter_faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/about-american-express.html?inav=fr_sitefooter_aboutamex
Title: A propos d'American Express

Search URL Search Domain Scan URL

URL: https://careers.americanexpress.com/LangHome?lang=fr&inav=fr_sitefooter_careers
Title: Emploi et Carrières

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/press.html?inav=fr_sitefooter_press
Title: Espace Presse

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/contact.html?inav=fr_sitefooter_contact_pr
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://icm.americanexpress.com/fr/content/site-map.html?inav=fr_sitefooter_sitemap
Title: Plan du site

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/trademarks.html?inav=fr_legalfooter_trademark
Title: Marques déposées

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/terms-and-conditions.html?inav=fr_legalfooter_termsofuse
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/privacy.html?inav=fr_legalfooter_privacy
Title: Protection des données

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/content/security.html?inav=fr_legalfooter_securityalerts
Title: Sécurité

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/fr/
Title: American Express Company

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.quicksign.fr/GENERIC_FO/?id=24867187&token=LFA2ECU8052BXNGDVU HTTP 302
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03 Show response
www.quicksign.fr/GENERIC_FO/
Redirect Chain

http://www.quicksign.fr/GENERIC_FO/?id=24867187&token=LFA2ECU8052BXNGDVU
https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

44 KB
10 KB

215ms
118ms

Document
text/html

178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

7afcf01231c9176f6a78d5777220835c8a9f351e2d08035fcd5269b6f67be9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Host: www.quicksign.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Server: Apache
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9039
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

Redirect headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Server: Apache
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Set-Cookie: JSESSIONID=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03; Path=/GENERIC_FO; Secure; HttpOnly
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 85 KB
30 KB 34ms
31ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 30080
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "152b5-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK bootstrap.min.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 36 KB
10 KB 118ms
29ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/bootstrap.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 9921
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "91d2-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK main.js Show response
www.quicksign.fr/images-soa3/external/AMEX/assets/js/ 502 B
1 KB 137ms
31ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 275
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1f6-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ 370 B
924 B 86ms
32ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 187
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "172-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/ 384 B
927 B 86ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 190
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "180-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 391 B
928 B 86ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 191
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "187-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/ 377 B
926 B 87ms
29ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/styles.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 189
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "179-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK bootstrap.min.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 119 KB
20 KB 90ms
32ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/bootstrap.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

4608ca554569d7240ee2dc760fe599d88519aacf7f5e928c17c720a5e572784a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 20119
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1dd77-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK bootstrap-theme.min.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 24 KB
4 KB 86ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/bootstrap-theme.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

83f8fc95267b9268a14e26952e5f0c0a9d272d7cbe2bccc67c3898663fe6535b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 2867
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "5f5a-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=150

GET
H/1.1 200
OK style.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 7 KB
3 KB 116ms
29ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/style.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

cbaaf957e7584cf1a903a2a673e2451c56c1deb18d09efa353450cf563b64bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1844
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "1de4-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK tablette.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 130 B
837 B 115ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/tablette.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

357d43352c7b0cebd8f681f663d3f1a28ef0595bdcb42e3ce9ba13ec0dcaa648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 101
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "82-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK mobile.css
www.quicksign.fr/images-soa3/external/AMEX/assets/css/ 793 B
1 KB 115ms
28ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/css/mobile.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

b7f1d22566bf99ea752033ae7411efe765f100a255e1355d8c508e9027cf1447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 348
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "319-59c07b650b540"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK jquery-1.5.2.min.js Show response
www.quicksign.fr/GENERIC_FO/scripts/ 84 KB
30 KB 150ms
34ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 29910
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"85925-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK qs-util-1.0.11.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 17 KB
6 KB 147ms
30ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5132
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "456b-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK qs-ntp-1.0.4.min.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 3 KB
2 KB 146ms
29ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1447
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "c45-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=146

GET
H/1.1 200
OK qs-event-logger-1.3.0.min.js Show response
www.quicksign.fr/js-soa3/lib/qs/ 14 KB
6 KB 149ms
31ms Script
application/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/js-soa3/lib/qs/qs-event-logger-1.3.0.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5203
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Mon, 13 Jan 2020 16:10:20 GMT
Server: Apache
ETag: "3886-59c07b6417300"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.quicksign.fr/GENERIC_FO/scripts/ 197 KB
52 KB 167ms
36ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/jquery-ui.min.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 51997
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"201658-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H/1.1 200
OK jquery-ui.min.css
www.quicksign.fr/GENERIC_FO/css/ 24 KB
5 KB 117ms
30ms Stylesheet
text/css 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/css/jquery-ui.min.css

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 4599
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"25085-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK login.js Show response
www.quicksign.fr/GENERIC_FO/scripts/custom/ 3 KB
2 KB 164ms
28ms Script
text/javascript 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/scripts/custom/login.js

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1120
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Last-Modified: Tue, 11 Feb 2020 03:00:21 GMT
Server: Apache
ETag: W/"3431-1581390021000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Keep-Alive: timeout=5, max=148

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/amex/intl_amexhead-qa/ 63 KB
19 KB 87ms
40ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 17b28eb5752db25158a863c66a9518bda1b3e97e242c2d691b8eedc5cfc20503

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 21:45:44 GMT
server: nginx
etag: W/"5e30ab88-fb6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET
H2 200 inav_intlEapp.css
qwww.aexp-static.com/nav/ngn/css/ 21 KB
4 KB 369ms
58ms Stylesheet
text/css 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 070216208c96ea83fb1f8ad109d44508c9ef2121b97519abb35d986612bea573

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: W/"5e34e22d-5398"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3590
expires: Sat, 01 Aug 2020 21:32:12 GMT

GET
H2 200 btnSpriteStyles.css
qwww.aexp-static.com/nav/ngn/css/ 20 KB
3 KB 369ms
59ms Stylesheet
text/css 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/css/btnSpriteStyles.css
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: af9a520ece32f82864c7e73a511d6ccb53778132a22218801067431679fc01de

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: W/"5e34e22d-51dc"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3357
expires: Sat, 01 Aug 2020 19:45:05 GMT

GET
H2 200 logo_bluebox.gif
qwww.aexp-static.com/nav/ngn/img/ 4 KB
5 KB 370ms
59ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/logo_bluebox.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
last-modified: Sat, 01 Feb 2020 02:31:45 GMT
etag: "5e34e311-1148"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4424
expires: Sun, 02 Aug 2020 01:47:16 GMT

GET
H/1.1 200
OK af_klm_gold_di_160x101.png
www.quicksign.fr/images-soa3/external/AMEX/cartes/ 13 KB
14 KB 28ms
27ms Image
image/png 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/cartes/af_klm_gold_di_160x101.png

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

1e9508ea625050b0cf95c80c61634286bc8b66555726d4cec9a0f144f093a74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "33a5-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 13221
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK ico-faq.svg
www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ 1 KB
2 KB 29ms
28ms Image
image/svg+xml 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ico-faq.svg

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

8ba6bca834293efbdb1a8880dd911d2b1cb226dc30492bf19feb622cf99ab2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "564-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 1380
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK ico-tel.svg
www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ 768 B
1 KB 28ms
28ms Image
image/svg+xml 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/pictures/ico-tel.svg

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

2ba921028f435a137dfb25cb49776a06b0ff7487dea2511991f8ff9f0c488e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: "300-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 768
Keep-Alive: timeout=5, max=147

GET
H2 200 clear.gif
qwww.aexp-static.com/nav/ngn/img/ 43 B
218 B 165ms
60ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/clear.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-2b"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 03 Aug 2020 04:32:34 GMT

GET
H2 200 inav_intlEapp.js Show response
qwww.aexp-static.com/nav/ngn/js/ 6 KB
2 KB 192ms
59ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 03f8ccd1bb7c4b08691066c6ce667662a0eb414d7a64a45adce3bda3501834b2

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Sat, 01 Feb 2020 02:31:45 GMT
etag: W/"5e34e311-1942"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 1864
expires: Sat, 01 Aug 2020 20:46:19 GMT

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 29ms
29ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581598654669

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

fc28e55420a7276dc557baaa797aa1a6ae3911d30f50817de028020349c32251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=146

GET
H2 200 visitorAPI-intl.js Show response
qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/ 59 KB
20 KB 208ms
111ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 913d965bf5c0a8d038c0f4166bcaa1b41c0e26463cf42b39dfabdede49018201

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 20:01:35 GMT
etag: W/"5e43081f-ec1f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 19769
expires: Sun, 09 Aug 2020 20:20:21 GMT

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 30ms
29ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581598654700

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

01a9cb59aaf8b0360b397043fb4dea8f9fdd829298f457c5fa9ef179e2005410

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=145

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 29ms
29ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581598654731

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

92f4adbfa1f9fd5e98dfe8c8c9fad9b502a03118a7f9f58527d727d98ff25c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=144

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 32ms
31ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581598654761

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

485b5e8351cbf4fdcd6436c8dbed1cdfa1c348dd30bd0d75ca8a161ee406bf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=143

GET
H/1.1 200
OK iso Show response
www.quicksign.fr/GENERIC_FO/rest/time/current/ 24 B
687 B 29ms
29ms XHR
text/plain 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1581598654794

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

cedd5c0affd06304725ea5365211a7216239b94105deeaf573a61afb7ad7ab11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Content-Encoding: gzip
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 44
Keep-Alive: timeout=5, max=142

GET
H2 200 iNav_ngi_sprite_new.gif
qwww.aexp-static.com/nav/ngn/img/ 23 KB
23 KB 29ms
28ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-5b47"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 23367
expires: Sat, 01 Aug 2020 22:28:08 GMT

GET
H2 200 img_shdw_mainNav.png
qwww.aexp-static.com/nav/ngn/img/ 143 B
319 B 28ms
28ms Image
image/png 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-8f"
content-type: image/png
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 143
expires: Sat, 01 Aug 2020 22:09:00 GMT

GET
H/1.1 200
OK BentonSans-Regular.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/ 45 KB
45 KB 28ms
27ms Font
application/octet-stream 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/BentonSans-Regular.otf

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "b2fc-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 45820
Keep-Alive: timeout=5, max=141

GET
H2 200 Bootstrap.js Show response
qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/ 66 KB
20 KB 43ms
43ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6a906b76a40112249eb0a594415b6a41c0fd3339395035126e632fe4886556e4

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 18:25:52 GMT
etag: W/"5de7fa30-106b5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 19727
expires: Thu, 04 Jun 2020 06:29:12 GMT

GET
H2 200 iNav_ngi_sprite_footer.gif
qwww.aexp-static.com/nav/ngn/img/ 934 B
1 KB 39ms
39ms Image
image/gif 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qwww.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by: Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12

Request headers

Referer: https://qwww.aexp-static.com/nav/ngn/css/inav_intlEapp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
last-modified: Sat, 01 Feb 2020 02:27:57 GMT
etag: "5e34e22d-3a6"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 934
expires: Sun, 02 Aug 2020 03:03:39 GMT

GET
H/1.1 200
OK BentonSans-Bold.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/ 45 KB
46 KB 27ms
27ms Font
application/octet-stream 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/BentonSans-Bold.otf

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

40c72a6fd5e6614a6d3f66b91c914482e13e34778df553a05f3c5dfcc817e139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Referer: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Feb 2020 12:57:34 GMT
Last-Modified: Mon, 13 Jan 2020 16:10:21 GMT
Server: Apache
ETag: "b434-59c07b650b540"
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Content-Length: 46132
Keep-Alive: timeout=5, max=146

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/amex/intl_amexhead-qa/ 181 B
323 B 26ms
26ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DEC59655AD97AA74C63870BEE1B19ED7A.qsign-app03%3Fid%3D24867187%26token%3DLFA2ECU8052BXNGDVU%26ensMarket%3D%26ens_env%3D2
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/amex/intl_amexhead-qa/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 21ceec019ac333b4d809e4aa39286582e5913a00c3df7f7c4aae34589cae2f22

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 13 Feb 2020 12:57:34 GMT
cache-control: no-cache, no-store
expires: Thu, 13 Feb 2020 12:57:33 GMT
server: nginx
content-length: 181
content-type: text/javascript

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916

0
-1 B

38ms
37ms

XHR

63.35.240.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916
X-TID: aqpUU8rsSQ4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.quicksign.fr
X-TID: aqpUU8rsSQ4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gct.js Show response
qwww.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ 15 KB
4 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/gct/1.0.0/gct.js?gct=Intl
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4505ed3cb1eef57601c232a71fa2c81139511b5ba1ee20a2198816a89dbf3b7a

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:34 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 10:05:16 GMT
etag: W/"5e3158dc-3b74"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 3762
expires: Mon, 27 Jul 2020 10:19:40 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/amex/ 389 B
531 B 572ms
571ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/serverComponent.php?clientID=218&PageID=https%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DEC59655AD97AA74C63870BEE1B19ED7A.qsign-app03%3Fid%3D24867187%26token%3DLFA2ECU8052BXNGDVU%26ensMarket%3Dfr_fr%26ens_env%3D2%26e_pageId%3D22516%26deviceType%3Dlarge
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ae4a532ecdfa38cc29e4593e92d07a8673afdf86eb804fd3e7fef4a9b98d9fb4

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 13 Feb 2020 12:57:35 GMT
cache-control: no-cache, no-store
expires: Thu, 13 Feb 2020 12:57:34 GMT
server: nginx
content-length: 389
content-type: text/javascript

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 4 KB
2 KB 40ms
40ms XHR
application/json 63.35.240.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1581598654916

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

773613407fc1edc52bc6513107656acf6fb8d64a0406ac712773cb8485f8af2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v059-0b6e5d7b1.edge-irl1.demdex.com 5.65.0.20200204084552 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: verPeljDSUU=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1367
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 id Show response
omns.americanexpress.com/ 89 B
644 B 105ms
31ms XHR
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=87914740708949382431274255354075408733&ts=1581598654998

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

81841b356eb3c762478e9f3b4a9961ba38d47c727b773a21c014e41381378ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Thu, 13 Feb 2020 12:57:34 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-86dcc5cfb5-n8xjh
vary: Origin
x-c: master-1151.Id9df28.M0-344
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.quicksign.fr
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 89
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 42ms
41ms XHR
application/json 63.35.240.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=87914740708949382431274255354075408733&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012F22A3DF85159658-6000088CE097E5F3&ts=1581598655105

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/visitorAPI-intl.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0396843c2bb8cd7e4633a24003830532d6ee203a18c5e31567857b533efd8fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Origin: https://www.quicksign.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v059-02de125d8.edge-irl1.demdex.com 5.65.0.20200204084552 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: ITWMECurR6o=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.quicksign.fr
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1368
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 48e6f477c1f0b741cd851153449f4d5e.js Show response
nexus.ensighten.com/amex/prod/code/ 10 KB
2 KB 22ms
22ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/prod/code/48e6f477c1f0b741cd851153449f4d5e.js?conditionId0=181141
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1753b93cd7afd17615b1ed1851776005ddbea12ab98b23655b796d81cc31873c

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Jan 2020 20:44:37 GMT
server: nginx
etag: W/"5e1f79b5-26b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 5f7e2e7c7a153aeab2e9a38a8a68e8f5.js Show response
nexus.ensighten.com/amex/prod/code/ 7 KB
1022 B 23ms
22ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/amex/prod/code/5f7e2e7c7a153aeab2e9a38a8a68e8f5.js?conditionId0=4854943
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8edd02111db885fbd38ed7e12821b108a057e1b07395f4309aff639d5788f973

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 00:05:57 GMT
server: nginx
etag: W/"5cfef065-1c5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

POST
H/1.1 200
OK LFA2ECU8052BXNGDVU Show response
www.quicksign.fr/GENERIC_FO/rest/bel/ 44 B
791 B 88ms
88ms XHR
application/json 178.255.129.65
BCS 32 rue Delizy

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quicksign.fr/GENERIC_FO/rest/bel/LFA2ECU8052BXNGDVU

Requested by

Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.255.129.65 Nogent-sur-Marne, France, ASN29605 (BCS 32 rue Delizy, FR),

Reverse DNS

www.quicksign.fr

Software

Apache /

Resource Hash

323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
Origin: https://www.quicksign.fr
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 13 Feb 2020 12:57:35 GMT
Server: Apache
ADRUM_0: g:c0370df3-7197-4b24-a98f-f2bb3ff62be2
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ADRUM_2: i:10189
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
ADRUM_1: n:customer1_e69b0123-b3e5-47a3-baa8-755983273e1a
Content-Type: application/json
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noodp, nosnippet
Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, X-Requested-With, mimeType, X-idTypePiece, X-File-Name, X-File-Size, If-Modified-Since
Keep-Alive: timeout=5, max=140

GET
H2 200 s_code_global_context.js Show response
qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/ 105 KB
36 KB 18ms
18ms Script
application/javascript 2a02:26f0:6c00:19f::2b19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/s_code_global_context.js
Requested by: Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/ensighten/amex/Bootstrap.js?ens_mk=fr_fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19f::2b19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6a0923ce34c95410c9c39095ca28c256bc7d8f124bceb02aa222cf293f093be3

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 12:57:35 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 22:26:25 GMT
etag: W/"5e262911-1a51f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 36158
expires: Sun, 19 Jul 2020 22:37:03 GMT

GET
H2 200 s44431730353201 Show response
omns.americanexpress.com/b/ss/amexpressdev,amexpressenterprisedev/10/JS-2.17.0/ 4 KB
4 KB 56ms
55ms Script
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/b/ss/amexpressdev,amexpressenterprisedev/10/JS-2.17.0/s44431730353201?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=13%2F1%2F2020%2013%3A57%3A37%204%20-60&d.&nsid=15&jsonv=1&.d&mid=87914740708949382431274255354075408733&aid=2F22A3DF85159658-6000088CE097E5F3&aamlh=6&ce=UTF-8&ns=1americanexpress&fpCookieDomainPeriods=2&pageName=FR%7CAMEX%7CAcq%7CICSS%7CCONSUMER%7CBasic%7CReconnection-eSign&g=https%3A%2F%2Fwww.quicksign.fr%2Fgeneric_fo%2Flogin.do%3Bjsessionid%3Dec59655ad97aa74c63870bee1b19ed7a.qsign-app03%3Fid%3D24867187%26token%3Dlfa2ecu8052bxngdvu&c.&omn.&productID=FR%3AICSS%3AE57&pagename=CONSUMER%7CBasic%7CReconnection-eSign&hierarchy=FR%7CAMEX%7CAcq%7CICSS&language=fr&newpagename=yes&pmc=E57&products=FR%3AICSS%3AE57&events=event105&ReqId=11438&PageId=22516&rwd=rwd&itagerror=%20omn.pcnnumber%20is%20missing%20omn.zipcode%20is%20missing&visitorCheck=VisitorAPI%20Present&itagexists=yes&gvs=1&etwidth=1600&etheight=1200&etratio=0.75&etorientation=landscape&.omn&.c&cc=USD&server=www.quicksign.fr&events=event105&products=%3BFR%3AICSS%3AE57&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=FR%7CAMEX%7CAcq%7CICSS&c3=fr&c4=FR&v22=D%3Dgctrac&c48=D%3Dgctrac&c49=ENS-Acq%20r23.0.0-AM%3A2.17.0-VISID%3A4.4.0-DIL%3A9.3-Mbox%3ANA-CSVisID%3Afalse-msuite%3Atrue-IHC%3Afalse&v65=D%3Domnmycademo&c67=D%3Dmrcards&v67=D%3Dmrcards&c75=npn&v75=87914740708949382431274255354075408733&v94=D%3Dagent-id&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/scode/23.0.0/s_code_global_context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

658719c19145bc65c254fc16e658f912dc4faf093dfcbe31e08df1683e99f209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-aam-tid: tBupI4SJRzc=
date: Thu, 13 Feb 2020 12:57:37 GMT
x-content-type-options: nosniff
x-c: master-1151.Id9df28.M0-344
p3p: CP="This is not a P3P policy"
status: 200
content-length: 3785
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v059-062fa4a16.edge-irl1.demdex.com 5.65.0.20200204084552 4ms (+1ms)
pragma: no-cache
last-modified: Fri, 14 Feb 2020 12:57:37 GMT
server: jag
xserver: anedge-86dcc5cfb5-bpfff
etag: 3396457253691555840-4619366729390707915
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 12 Feb 2020 12:57:37 GMT

GET
H/1.1 200
OK LogEvent.do
gct.americanexpress.com/gct/ 0
264 B 611ms
149ms Image
text/plain 139.71.50.190
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gct.americanexpress.com/gct/LogEvent.do?errCode%3DTimeout%26pageURL%3Dhttps%3A%2F%2Fwww.quicksign.fr%2FGENERIC_FO%2Flogin.do%3Bjsessionid%3DEC59655AD97AA74C63870BEE1B19ED7A.qsign-app03%3Fid%3D24867187%26token%3DLFA2ECU8052BXNGDVU%40%40itag_pcnnumber%3Dundefined%40%40itag_pagename%3DCONSUMER%7CBasic%7CReconnection-eSign%40%40itag_products%3DFR%3AICSS%3AE57%40%40itag_events%3Dundefined%40%40omn.pcnnumber%3D%40%40omn.pagename%3DCONSUMER%7CBasic%7CReconnection-eSign%40%40omn.products%3DFR%3AICSS%3AE57%40%40omn.events%3Devent105undefined%26js_source%3Dcdaas_gctIntl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.71.50.190 , United States, ASN6307 (AMERICAN-EXPRESS, US),
Reverse DNS: gctv4-r2.americanexpress.com
Software: / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 13 Feb 2020 12:57:45 GMT
Connection: keep-alive
X-Powered-By: Undertow/1
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quicksign.fr/	1970-01-20 00:52:37	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 1585540135%7CMCMID%7C87914740708949382431274255354075408733%7CMCAAMLH-1582203455%7C6%7CMCAAMB-1582203455%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1581605855s%7CNONE%7CMCAID%7C2F22A3DF85159658-6000088CE097E5F3%7CvVersion%7C4.4.0
.quicksign.fr/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
www.quicksign.fr/GENERIC_FO	1969-12-31 23:59:59	Name: JSESSIONID Value: E21876DABFADD09649A45DFFEB7C2112.qsign-app03

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js(Line 3) Message: [QS NTP] Starting synchronization using this server URL: /GENERIC_FO/rest/time/current/iso (5 sync requests will be sent)
console-api	log	URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js(Line 579) Message: [QS Event Logger] New event registered: {"time":"2020-02-13T12:57:34.671Z","timeSynchronized":false,"origin":"web-fo","type":"pageDisplay","properties":{"htmlPageTitle":"American Express","pageId":"pageReconnexion"}}
console-api	log	URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU(Line 913) Message: [object Object]
console-api	warning	URL: https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js(Line 2) Message: jQuery.Deferred exception: $(...).on is not a function TypeError: $(...).on is not a function at listenCheckboxConfirm (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:11:18) at setListeners (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:7:2) at HTMLDocument.<anonymous> (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js:2:2) at j (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js:2:29948) at k (https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js:2:30262) undefined
console-api	log	URL: https://www.quicksign.fr/GENERIC_FO/login.do;jsessionid=EC59655AD97AA74C63870BEE1B19ED7A.qsign-app03?id=24867187&token=LFA2ECU8052BXNGDVU(Line 904) Message: success

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dpm.demdex.net
gct.americanexpress.com
nexus.ensighten.com
omns.americanexpress.com
qwww.aexp-static.com
www.quicksign.fr
139.71.50.190
15.188.105.205
178.255.129.65
18.195.42.228
2a02:26f0:6c00:19f::2b19
63.35.240.22
01a9cb59aaf8b0360b397043fb4dea8f9fdd829298f457c5fa9ef179e2005410
0396843c2bb8cd7e4633a24003830532d6ee203a18c5e31567857b533efd8fdc
03f8ccd1bb7c4b08691066c6ce667662a0eb414d7a64a45adce3bda3501834b2
070216208c96ea83fb1f8ad109d44508c9ef2121b97519abb35d986612bea573
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
1753b93cd7afd17615b1ed1851776005ddbea12ab98b23655b796d81cc31873c
17b28eb5752db25158a863c66a9518bda1b3e97e242c2d691b8eedc5cfc20503
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
1e9508ea625050b0cf95c80c61634286bc8b66555726d4cec9a0f144f093a74a
21ceec019ac333b4d809e4aa39286582e5913a00c3df7f7c4aae34589cae2f22
2ba921028f435a137dfb25cb49776a06b0ff7487dea2511991f8ff9f0c488e6b
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
357d43352c7b0cebd8f681f663d3f1a28ef0595bdcb42e3ce9ba13ec0dcaa648
40c72a6fd5e6614a6d3f66b91c914482e13e34778df553a05f3c5dfcc817e139
4505ed3cb1eef57601c232a71fa2c81139511b5ba1ee20a2198816a89dbf3b7a
4608ca554569d7240ee2dc760fe599d88519aacf7f5e928c17c720a5e572784a
485b5e8351cbf4fdcd6436c8dbed1cdfa1c348dd30bd0d75ca8a161ee406bf36
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
658719c19145bc65c254fc16e658f912dc4faf093dfcbe31e08df1683e99f209
6a0923ce34c95410c9c39095ca28c256bc7d8f124bceb02aa222cf293f093be3
6a906b76a40112249eb0a594415b6a41c0fd3339395035126e632fe4886556e4
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
773613407fc1edc52bc6513107656acf6fb8d64a0406ac712773cb8485f8af2e
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
7afcf01231c9176f6a78d5777220835c8a9f351e2d08035fcd5269b6f67be9e0
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
81841b356eb3c762478e9f3b4a9961ba38d47c727b773a21c014e41381378ddd
83f8fc95267b9268a14e26952e5f0c0a9d272d7cbe2bccc67c3898663fe6535b
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ba6bca834293efbdb1a8880dd911d2b1cb226dc30492bf19feb622cf99ab2f1
8edd02111db885fbd38ed7e12821b108a057e1b07395f4309aff639d5788f973
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
913d965bf5c0a8d038c0f4166bcaa1b41c0e26463cf42b39dfabdede49018201
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
92f4adbfa1f9fd5e98dfe8c8c9fad9b502a03118a7f9f58527d727d98ff25c57
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
ae4a532ecdfa38cc29e4593e92d07a8673afdf86eb804fd3e7fef4a9b98d9fb4
af9a520ece32f82864c7e73a511d6ccb53778132a22218801067431679fc01de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
b7f1d22566bf99ea752033ae7411efe765f100a255e1355d8c508e9027cf1447
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
cbaaf957e7584cf1a903a2a673e2451c56c1deb18d09efa353450cf563b64bec
cedd5c0affd06304725ea5365211a7216239b94105deeaf573a61afb7ad7ab11
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
fc28e55420a7276dc557baaa797aa1a6ae3911d30f50817de028020349c32251

www.quicksign.fr Open in urlscan Pro 178.255.129.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

6 IPs

5 Countries

447 kBTransfer

1180 kBSize

3 Cookies

30 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.quicksign.fr Open in urlscan Pro
178.255.129.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

5
Countries

447 kB
Transfer

1180 kB
Size

3
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!