www.quicksign.fr Open in urlscan Pro
178.255.129.73  Malicious Activity! Public Scan

Submitted URL: https://qsn.to/5gzMQg&gt
Effective URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4...
Submission: On February 11 via api from BY — Scanned from FR

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 33 HTTP transactions. The main IP is 178.255.129.73, located in Paris, France and belongs to . The main domain is www.quicksign.fr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 20th 2023. Valid for: a year.
This is the only time www.quicksign.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
2 30 178.255.129.73 ()
1 2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
33 4
Apex Domain
Subdomains
Transfer
29 quicksign.fr
www.quicksign.fr
694 KB
6 aexp-static.com
qwww.aexp-static.com — Cisco Umbrella Rank: 596650
qicm.aexp-static.com — Cisco Umbrella Rank: 319920
43 KB
1 qsn.to
qsn.to
125 B
33 3
Domain Requested by
29 www.quicksign.fr 1 redirects www.quicksign.fr
4 qicm.aexp-static.com www.quicksign.fr
qwww.aexp-static.com
qicm.aexp-static.com
2 qwww.aexp-static.com 1 redirects www.quicksign.fr
1 qsn.to 1 redirects
33 4
Subject Issuer Validity Valid
*.quicksign.fr
Sectigo RSA Domain Validation Secure Server CA
2023-07-20 -
2024-07-21
a year crt.sh
qwww.americanexpress.com
DigiCert EV RSA CA G2
2023-10-27 -
2024-10-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Frame ID: 05796D65429DC07A31D9808DDCFA01E9
Requests: 35 HTTP requests in this frame

Screenshot

Page Title

American Express

Page URL History Show full URLs

  1. https://qsn.to/5gzMQg&gt HTTP 301
    https://www.quicksign.fr/GENERIC_FO/redirect.do?st=5gzMQg&gt HTTP 302
    https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • aexp-static\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

33
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

736 kB
Transfer

1249 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qsn.to/5gzMQg&gt HTTP 301
    https://www.quicksign.fr/GENERIC_FO/redirect.do?st=5gzMQg&gt HTTP 302
    https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js HTTP 301
  • https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03
www.quicksign.fr/GENERIC_FO/
Redirect Chain
  • https://qsn.to/5gzMQg&gt
  • https://www.quicksign.fr/GENERIC_FO/redirect.do?st=5gzMQg&gt
  • https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
51 KB
52 KB
Document
General
Full URL
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
6ba30f5bfb76974d2fb555185b8829856440e145ef66d4e1348edef4451fc008
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
cache-control
no-cache,no-store,max-age=0
content-type
text/html;charset=UTF-8
date
Sun, 11 Feb 2024 09:13:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
No-cache
server
none
strict-transport-security
max-age=31540000
transfer-encoding
chunked
x-content-type-options
: nosniff
x-xss-protection
: 1;mode=block

Redirect headers

Location
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
cache-control
no-cache,no-store,max-age=0
content-length
0
content-type
text/html
date
Sun, 11 Feb 2024 09:13:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
No-cache
server
none
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
x-xss-protection
: 1;mode=block
jquery-3.1.1.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/
85 KB
30 KB
Script
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/jquery-3.1.1.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
W/"6103ed1f-152b5"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
bootstrap.min.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/
36 KB
10 KB
Script
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/bootstrap.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
W/"6103ed41-91d2"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
main.js
www.quicksign.fr/images-soa3/external/AMEX/assets/js/
502 B
767 B
Script
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/js/main.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-1f6"
content-type
application/javascript
accept-ranges
bytes
content-length
502
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/
370 B
621 B
Stylesheet
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Bold/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-172"
content-type
text/css
accept-ranges
bytes
content-length
370
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/
384 B
635 B
Stylesheet
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Medium/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
"6103ed41-180"
content-type
text/css
accept-ranges
bytes
content-length
384
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/
391 B
642 B
Stylesheet
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-187"
content-type
text/css
accept-ranges
bytes
content-length
391
styles.css
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/
377 B
628 B
Stylesheet
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Light/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
"6103ed41-179"
content-type
text/css
accept-ranges
bytes
content-length
377
styles.css
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/
800 B
1 KB
Stylesheet
General
Full URL
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
f9a43271398e748acd2e8a1c69e4b46ca5de471374d11bc18a8b1aa6af457444
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Mon, 24 Apr 2023 10:02:28 GMT
server
nginx
etag
"644653b4-320"
content-type
text/css
accept-ranges
bytes
content-length
800
dls.min.css
www.quicksign.fr/css-soa3/AMEX/
344 KB
46 KB
Stylesheet
General
Full URL
https://www.quicksign.fr/css-soa3/AMEX/dls.min.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
05881f9e5c1d5b75296f36a455160938f40dc06066e41e30804655de5eec5495
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
W/"64247d71-55e3c"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
text/css
dls.min.js
www.quicksign.fr/js-soa3/AMEX/
118 KB
25 KB
Script
General
Full URL
https://www.quicksign.fr/js-soa3/AMEX/dls.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
W/"64247d71-1d655"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
jquery-1.5.2.min.js
www.quicksign.fr/GENERIC_FO/scripts/
84 KB
85 KB
Script
General
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Sun, 11 Feb 2024 02:30:34 GMT
server
none
etag
W/"85925-1707618634000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
85925
x-xss-protection
: 1;mode=block
qs-util-1.0.11.js
www.quicksign.fr/js-soa3/lib/qs/
17 KB
5 KB
Script
General
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-util-1.0.11.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:25 GMT
server
nginx
etag
W/"6103ed21-456b"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
qs-ntp-1.0.4.min.js
www.quicksign.fr/js-soa3/lib/qs/
3 KB
2 KB
Script
General
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:15:00 GMT
server
nginx
etag
W/"6103ed44-c45"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
qs-event-logger-1.3.0.min.js
www.quicksign.fr/js-soa3/lib/qs/
14 KB
5 KB
Script
General
Full URL
https://www.quicksign.fr/js-soa3/lib/qs/qs-event-logger-1.3.0.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:25 GMT
server
nginx
etag
W/"6103ed21-3886"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
jquery-ui.min.js
www.quicksign.fr/GENERIC_FO/scripts/
197 KB
198 KB
Script
General
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/jquery-ui.min.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Sun, 11 Feb 2024 02:30:34 GMT
server
none
etag
W/"201658-1707618634000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
201658
x-xss-protection
: 1;mode=block
jquery-ui.min.css
www.quicksign.fr/GENERIC_FO/css/
24 KB
25 KB
Stylesheet
General
Full URL
https://www.quicksign.fr/GENERIC_FO/css/jquery-ui.min.css
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Sun, 11 Feb 2024 02:30:34 GMT
server
none
etag
W/"25085-1707618634000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/css
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
25085
x-xss-protection
: 1;mode=block
login.js
www.quicksign.fr/GENERIC_FO/scripts/custom/
3 KB
4 KB
Script
General
Full URL
https://www.quicksign.fr/GENERIC_FO/scripts/custom/login.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
last-modified
Sun, 11 Feb 2024 02:30:34 GMT
server
none
etag
W/"3431-1707618634000"
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
3431
x-xss-protection
: 1;mode=block
dls-logo-bluebox-solid.svg
www.quicksign.fr/images-soa3/external/AMEX/
2 KB
1 KB
Image
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/dls-logo-bluebox-solid.svg
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:57 GMT
server
nginx
etag
W/"6103ed41-962"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
image/svg+xml
gold_di_480x304.png
www.quicksign.fr/images-soa3/external/AMEX/cartes/
112 KB
113 KB
Image
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/cartes/gold_di_480x304.png
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
9518087a26eb2fbb76327cba98f8defb638f72269a87c31a4838857c8b480f28
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Tue, 11 Oct 2022 10:01:31 GMT
server
nginx
etag
"63453efb-1c102"
content-type
image/png
accept-ranges
bytes
content-length
114946
clear.gif
qwww.aexp-static.com/nav/ngn/img/
43 B
204 B
Image
General
Full URL
https://qwww.aexp-static.com/nav/ngn/img/clear.gif
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b84::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
last-modified
Sat, 01 Feb 2020 02:27:57 GMT
etag
"5e34e22d-2b"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
43
inav_intlEapp.js
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/
Redirect Chain
  • https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
  • https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
3 KB
1 KB
Script
General
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
Protocol
H2
Server
2a02:26f0:480:993::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ea9e26164864fd94da9b4e3097139d91ef15ce10ee7edab57bcde1d0f427095

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:57 GMT
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 08:13:37 GMT
etag
"c40-603baebec917c-gzip"
vary
Accept-Encoding,Origin
content-type
application/javascript
accept-ranges
bytes
content-length
1273

Redirect headers

location
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/js/inav_intlEapp.js
date
Sun, 11 Feb 2024 09:13:56 GMT
server
AkamaiGHost
content-length
0
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/
24 B
550 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1707642836166
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
0586275c1c028f59c6a0355bf78796801818430f663c846d38be141593b35a08
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/
24 B
550 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1707642836186
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
16ac8b78c2479f6b37ae11d37f72560f9427c25301bf0b998fd3a6477fdc8dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/
24 B
550 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1707642836205
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
a6c958cd31db1fc88ed8d7744e43e34e3ef03d3d79cecc813999179cf8386904
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
truncated
/
637 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e864a6486e4c3495536fece0afa29f970e3522b7a14e3153131230af65cae8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f2dc7871e73693d3077711736405df39186e481a230ba62ea77c6c1f9cbb784

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
BentonSans-Regular.otf
www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/
45 KB
45 KB
Font
General
Full URL
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/BentonSans-Regular.otf
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://www.quicksign.fr/images-soa3/external/AMEX/assets/fonts/BentonSans-Regular/styles.css
Origin
https://www.quicksign.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Fri, 30 Jul 2021 12:14:23 GMT
server
nginx
etag
"6103ed1f-b2fc"
content-type
application/octet-stream
accept-ranges
bytes
content-length
45820
HelveticaNeue%20Regular.ttf
www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/
40 KB
40 KB
Font
General
Full URL
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/HelveticaNeue%20Regular.ttf
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
nginx /
Resource Hash
f2d8cf55ad5b917b333bb917219f111f39087511814cf027662fa25f61d00577
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://www.quicksign.fr/fonts-soa3/external/AMEX/Helvetica/styles.css
Origin
https://www.quicksign.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
last-modified
Wed, 29 Mar 2023 18:03:29 GMT
server
nginx
etag
"64247d71-a0dc"
content-type
application/octet-stream
accept-ranges
bytes
content-length
41180
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/
24 B
550 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1707642836234
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
55ca0661775c79539b041fb1f6bbd69f61000fe0182d18c3b99af786271582d2
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
iso
www.quicksign.fr/GENERIC_FO/rest/time/current/
24 B
550 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/time/current/iso?nocache=1707642836254
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/js-soa3/lib/qs/qs-ntp-1.0.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
f328ee3dc30fa9878d87340f7e52c48e9b13fd80666e41099ed344eb791d636d
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:56 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
content-length
24
x-xss-protection
: 1;mode=block
inav_intlEapp.css
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Requested by
Host: qwww.aexp-static.com
URL: https://qwww.aexp-static.com/nav/ngn/js/inav_intlEapp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:993::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
53f66044d7356370e82a342254d83c381b8a1ce42ba420195261379f21da4714

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.quicksign.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:58 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 10:40:51 GMT
etag
"660e-5cfb7cf8adc16-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
content-length
4134
AUNP4GOKSIGPKZQOZS
www.quicksign.fr/GENERIC_FO/rest/bel/
44 B
619 B
XHR
General
Full URL
https://www.quicksign.fr/GENERIC_FO/rest/bel/AUNP4GOKSIGPKZQOZS
Requested by
Host: www.quicksign.fr
URL: https://www.quicksign.fr/GENERIC_FO/scripts/jquery-1.5.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.255.129.73 Paris, France, ASN (),
Reverse DNS
www.quicksign.fr
Software
none /
Resource Hash
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.quicksign.fr/GENERIC_FO/;jsessionid=059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03?id=62144672&token=AUNP4GOKSIGPKZQOZS
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 09:13:58 GMT
strict-transport-security
max-age=31540000
x-content-type-options
: nosniff
server
none
transfer-encoding
chunked
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
content-type
application/json
access-control-allow-origin
https://www.quicksign.fr
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Last-Event-ID, X-File-Name, X-Mime-Type, X-Requested-With, X-XSRF-TOKEN, api_key
x-xss-protection
: 1;mode=block
iNav_ngi_sprite_footer.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/
934 B
442 B
Image
General
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by
Host: qicm.aexp-static.com
URL: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:993::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:58 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 10:40:51 GMT
etag
"3a6-5cfb7cf8fba35-gzip"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
302
iNav_ngi_sprite_new.gif
qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/
38 KB
37 KB
Image
General
Full URL
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01
Requested by
Host: qicm.aexp-static.com
URL: https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:993::2b19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
083e024a2e338291fd1819373cd6ff56a3fd98202464243ce2e4d27cb24dece3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://qicm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_intlEapp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 09:13:58 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 10:40:51 GMT
etag
"99eb-5cfb7cf8c2451-gzip"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
37786

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| setListeners function| listenCheckboxConfirm function| webpackHotUpdate object| DLS function| qsLog function| QsMessaging function| QsUtil function| QsNtp string| belToken function| QsEventLogger object| qsEventLogger object| jQuery15206381512730636247 string| msg string| msg_code function| DP_jQuery_1707642836220 function| loadMessages boolean| qsIsSubmitted function| verifierEmail function| verifierFormatEmail boolean| visible function| hideShow string| vEmail string| vDateNaissance string| vEmailErrone object| NAV function| initOmnDefault number| ice function| omn_rmaction function| omn_rmvar function| omn_bpoclick function| omn_bpoimpression function| ctn_rmaction function| ctn_rmvar function| omn_mer_rmaction function| omn_mer_rmleadstart function| omn_mer_rmshare function| omn_mer_rmvidstart function| omn_mer_rmvidcomplete function| omn_mer_trackdownload function| omn_mer_rmvar function| omn_mer_tracklogin function| omn_relatedprodclick function| searchWidgetAction function| searchWidgetError function| searchWidgetFAQAction function| searchWidgetHyperlinkClick function| searchWidgetSearch function| omn_rmdiscuss function| omn_rmfollowcomplete function| omn_rmfollowstart function| omn_rmlogin function| omn_rmprofile function| omn_rmregcomplete function| omn_rmregstart function| omn_rmaddpaybill function| omn_rmaddsscard function| omn_rmeStatement function| t function| tl string| donneesMetier12 object| elementsDonneeMetier12 object| $itag string| itag_pagename string| itag_pmc string| itag_products function| loadErrorMessage function| postDataFlag

1 Cookies

Domain/Path Name / Value
www.quicksign.fr/GENERIC_FO Name: JSESSIONID
Value: qsign-soa3-fo-03~059CBBD80B3EE06C44FA76689774220D.qsign-soa3-fo-03

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options : nosniff
X-Xss-Protection : 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qicm.aexp-static.com
qsn.to
qwww.aexp-static.com
www.quicksign.fr
178.255.129.73
2a02:26f0:480:993::2b19
2a02:26f0:480:b84::2b19
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
0586275c1c028f59c6a0355bf78796801818430f663c846d38be141593b35a08
05881f9e5c1d5b75296f36a455160938f40dc06066e41e30804655de5eec5495
083e024a2e338291fd1819373cd6ff56a3fd98202464243ce2e4d27cb24dece3
16ac8b78c2479f6b37ae11d37f72560f9427c25301bf0b998fd3a6477fdc8dbb
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
323be37e3de37656ac3ac05437567c2d3d141cc68ec2c05b06adb12149fd5840
3f2dc7871e73693d3077711736405df39186e481a230ba62ea77c6c1f9cbb784
48e864a6486e4c3495536fece0afa29f970e3522b7a14e3153131230af65cae8
5109d981cf364496bfce01d0b75a0a98d748d37affd7f7c78ca134e6d281128f
53f66044d7356370e82a342254d83c381b8a1ce42ba420195261379f21da4714
55ca0661775c79539b041fb1f6bbd69f61000fe0182d18c3b99af786271582d2
5ed6cf77d550f31df0b670e310fda83c64865109f2db433dc4019d3151f1c398
6b734c7addd095a96b39f0c994b4d547ab6cdf5b73862deb0b16a402fc88f33f
6ba30f5bfb76974d2fb555185b8829856440e145ef66d4e1348edef4451fc008
6f25829290e315b0b1512e2334b1f56a480815452dc5545af3e2d87246015a39
794f159eedad05c674040df90e36641c3883ef0f4b32cdd3d51f92233517c45b
7f51469470432b059a8caac188afe2bb262543ab1e04ed514100023d2e59a929
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
92e7a353dc9c547ccc675fe32ac78c93de9c9a1057c94db72d50065988915a91
9518087a26eb2fbb76327cba98f8defb638f72269a87c31a4838857c8b480f28
9ea9e26164864fd94da9b4e3097139d91ef15ce10ee7edab57bcde1d0f427095
a6c958cd31db1fc88ed8d7744e43e34e3ef03d3d79cecc813999179cf8386904
ac136f141b4ce677ddbc240ea440e3407b4518e8655850e4eecaf04c91609fb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb007febd7c23003bd51c4692706c72213f853cf824329254df976d225f2e3
be72e5458782684c89d94bc1e870bccbb8e906e818a8d9d98d0ad4db2fe5f9ba
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
d5f98b9438d6081aeaba48ee70cd69f8dde3065773baaeab8fe19e80a31d6323
da32e59bdef1e09bf9ed59529da81b42c9323e6efbcc18adcde9a93555fc0622
f2d8cf55ad5b917b333bb917219f111f39087511814cf027662fa25f61d00577
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
f328ee3dc30fa9878d87340f7e52c48e9b13fd80666e41099ed344eb791d636d
f9a43271398e748acd2e8a1c69e4b46ca5de471374d11bc18a8b1aa6af457444