cms.bottinservice.c3smo.cybens.com Open in urlscan Pro
144.217.82.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cms.bottinservice.c3smo.cybens.com/
Submission: On September 08 via automatic, source certstream-suspicious (September 8th 2021, 9:16:20 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 144.217.82.246, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is cms.bottinservice.c3smo.cybens.com.
TLS certificate: Issued by R3 on September 8th 2021. Valid for: 3 months.

This is the only time cms.bottinservice.c3smo.cybens.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	144.217.82.246 144.217.82.246		16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4007:80e::200a		15169 (GOOGLE) (GOOGLE)
15	3

11 144.217.82.246 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: 246.ip-144-217-82.net

cms.bottinservice.c3smo.cybens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cybens.com cms.bottinservice.c3smo.cybens.com	1 MB
4	googleapis.com maps.googleapis.com	221 KB
15	2

	Domain	Requested by
11	cms.bottinservice.c3smo.cybens.com	cms.bottinservice.c3smo.cybens.com
4	maps.googleapis.com	cms.bottinservice.c3smo.cybens.com maps.googleapis.com
15	2

This site contains links to these domains. Also see Links.

Domain
bottinservice.c3smo.cybens.com
olstudio.co

Subject Issuer	Validity	Valid
cms.bottinservice.c3smo.cybens.com R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cms.bottinservice.c3smo.cybens.com/
Frame ID: 0FC3A0990D9834D074331E48CFB03EE9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Intranet du CISSS de la Montérégie-Ouest | Gestionnaire de contenu

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1441 kB
Transfer

1730 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bottinservice.c3smo.cybens.com/

Search URL Search Domain Scan URL

URL: https://olstudio.co/
Title: Studio OL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
cms.bottinservice.c3smo.cybens.com/ 4 KB
5 KB 969ms
386ms Document
text/html 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 9473906317e09f09ea3177270bbba353e6e46b3456c75be700efadddc05e37b6

Request headers

Host: cms.bottinservice.c3smo.cybens.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 08 Sep 2021 09:16:13 GMT
Server: Apache/2.4.6
Quid-Version: 5.28.0
Quid-Request: qaYuNCrYBJ
Quid-Response: 6lKheO9exi
Quid-Uri: https://cms.bottinservice.c3smo.cybens.com
Expires: Wed, 08 Sep 2021 09:16:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: keep-alive, Keep-Alive
X-Ua-Compatible: IE=Edge
Quid-Speed: 0.274
Set-Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln; expires=Fri, 08-Oct-2021 09:16:13 GMT; Max-Age=2591999; path=/; secure; HttpOnly
Last-Modified: Wed, 08 Sep 2021 09:16:13 GMT
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cms.css
cms.bottinservice.c3smo.cybens.com/css/ 211 KB
212 KB 96ms
95ms Stylesheet
text/css 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/css/cms.css?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 4fc8fa2628fe779fa9c654cde2bd2612ba6da9869aeb3274774ded2508bc8862

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Mon, 22 Feb 2021 02:16:13 GMT
Server: Apache/2.4.6
ETag: "34dd6-5bbe362d2b0d6"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 216534

GET
H/1.1 200
OK jquery.js Show response
cms.bottinservice.c3smo.cybens.com/js/jquery/ 86 KB
86 KB 288ms
96ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/jquery/jquery.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 05:20:59 GMT
Server: Apache/2.4.6
ETag: "15857-5c1a27a09404f"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 88151

GET
H/1.1 200
OK jquery-ui.js Show response
cms.bottinservice.c3smo.cybens.com/js/jquery/ 36 KB
36 KB 292ms
98ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/jquery/jquery-ui.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: d3fcf4415de78ab76509b5d1d02fcbce0eb9fdd7cfaa218edc0d187b56a6c491

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 05:21:01 GMT
Server: Apache/2.4.6
ETag: "8f3c-5c1a27a1da306"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36668

GET
H/1.1 200
OK include.js Show response
cms.bottinservice.c3smo.cybens.com/js/ 151 KB
151 KB 295ms
100ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/include.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: f7c0c9511fa547abb0e127deb0d5514b68b06c1cd6ade83ce8f22230eb16de76

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 05:34:49 GMT
Server: Apache/2.4.6
ETag: "25a74-5c1a2ab773f90"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 154228

GET
H/1.1 200
OK dataTables.js Show response
cms.bottinservice.c3smo.cybens.com/js/ 89 KB
90 KB 296ms
98ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/dataTables.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 8e25b5e55b5b7c515c8557c78a26a31186b4ac385c6ba09f319539f84fc7ba0a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 04:34:36 GMT
Server: Apache/2.4.6
ETag: "1651f-5c1a1d41c46ab"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 91423

GET
H/1.1 200
OK meilisearch.js Show response
cms.bottinservice.c3smo.cybens.com/js/ 53 KB
54 KB 297ms
99ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/meilisearch.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 72cbf59e8283791be84e80cd8ba9817a33a93bc6d9754bca5d50ed0d34be45cd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 04:34:36 GMT
Server: Apache/2.4.6
ETag: "d55a-5c1a1d41c4a93"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54618

GET
H/1.1 200
OK cms.js Show response
cms.bottinservice.c3smo.cybens.com/js/ 24 KB
24 KB 480ms
96ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/cms.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 20cb87efbd2dc2a2dd1c3d7b9a5a992e12ee182d0dbd6eaa058aadf9eadff1cf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Mon, 22 Feb 2021 02:16:12 GMT
Server: Apache/2.4.6
ETag: "5e82-5bbe362c3284d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24194

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 136 KB
45 KB 171ms
98ms Script
text/javascript 2a00:1450:4007:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBY8n_IMsh_QBNM_FbcXJA2THgBd-JHHK4

Requested by

Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6410b4f0d173835a6abbf481ddc30331f40ee206becd9d757ee67d47c85eb599

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 09:16:14 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45465
x-xss-protection: 0
expires: Wed, 08 Sep 2021 09:46:14 GMT

GET
H/1.1 200
OK tinymce.min.js Show response
cms.bottinservice.c3smo.cybens.com/js/tinymce/ 416 KB
416 KB 546ms
96ms Script
application/javascript 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.bottinservice.c3smo.cybens.com/js/tinymce/tinymce.min.js?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: cb3609d4264ad3f7d36c165d2816af7f3144aff9657365eab5a903f768c8eacb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Thu, 06 May 2021 05:18:14 GMT
Server: Apache/2.4.6
ETag: "67ff7-5c1a27032be83"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 425975

GET
H/1.1 200
OK logo.png
cms.bottinservice.c3smo.cybens.com/media/ 18 KB
18 KB 97ms
97ms Image
image/png 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.bottinservice.c3smo.cybens.com/media/logo.png?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: 9830f95f756e5f5163e4ef4433cc6f054974a60a9b4cea4bac90fbae97a95d5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Sat, 20 Feb 2021 20:31:27 GMT
Server: Apache/2.4.6
ETag: "486b-5bbca74027100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18539

GET
H/1.1 200
OK cms_background.jpg
cms.bottinservice.c3smo.cybens.com/media/ 129 KB
129 KB 96ms
96ms Image
image/jpeg 144.217.82.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.bottinservice.c3smo.cybens.com/media/cms_background.jpg?t=1631092573
Requested by: Host: cms.bottinservice.c3smo.cybens.com
URL: https://cms.bottinservice.c3smo.cybens.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.82.246 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-144-217-82.net
Software: Apache/2.4.6 /
Resource Hash: c81210976fecc0af8f9cd7a3fedb62f2ca3d82b8c69a864383a31f6d3db7d998

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cms.bottinservice.c3smo.cybens.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cms.bottinservice.c3smo.cybens.com/
Cookie: cms=cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 09:16:14 GMT
Last-Modified: Sat, 20 Feb 2021 20:31:27 GMT
Server: Apache/2.4.6
ETag: "203cf-5bbca740280a0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 132047

GET
DATA 200
OK truncated
/ 969 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d499439ceca209e3f3d9fa365af8972c283693b3b16fc48037206f24aad5e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/8b/intl/de_ALL/ 87 KB
87 KB 26ms
24ms Script
text/javascript 2a00:1450:4007:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/8b/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBY8n_IMsh_QBNM_FbcXJA2THgBd-JHHK4

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87becac65df767f04096f8f2d7a6fd77069a232bac3877acd7d6576ec84e1df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 00:38:14 GMT
vary: Accept-Encoding, Origin
last-modified: Fri, 06 Aug 2021 23:52:40 GMT
server: sffe
x-content-type-options: nosniff
age: 376685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88817
x-xss-protection: 0
expires: Sun, 04 Sep 2022 00:38:14 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/45/8b/intl/de_ALL/ 289 KB
88 KB 51ms
50ms Script
text/javascript 2a00:1450:4007:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/45/8b/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyBY8n_IMsh_QBNM_FbcXJA2THgBd-JHHK4

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11bfa360db1917a897499ce3b7eb6c77a6d8db40329ce64f2a403e5b88468e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 19:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90472
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 23:52:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 19:44:32 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
208 B 70ms
70ms Script
text/javascript 2a00:1450:4007:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcms.bottinservice.c3smo.cybens.com%2F&4sAIzaSyBY8n_IMsh_QBNM_FbcXJA2THgBd-JHHK4&callback=_xdc_._z4elj7&key=AIzaSyBY8n_IMsh_QBNM_FbcXJA2THgBd-JHHK4&token=42688

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/8b/intl/de_ALL/common.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

09fadc587dcfccb5074e2463014ca744b18747d18b4ef28d5712fb87a017d959

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cms.bottinservice.c3smo.cybens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 09:16:19 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=42
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery string| search_link object| $jscomp function| $jscomp$lookupPolyfilledValue function| MeiliSearch object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| tinymce object| tinyMCE

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cms.bottinservice.c3smo.cybens.com/	1970-01-19 21:48:04	Name: cms Value: cms-itp2susksq0g4hrurj3ndpfqc0jmhgpvsuvtr5ln

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cms.bottinservice.c3smo.cybens.com
maps.googleapis.com
144.217.82.246
2a00:1450:4007:80e::200a
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
09fadc587dcfccb5074e2463014ca744b18747d18b4ef28d5712fb87a017d959
11bfa360db1917a897499ce3b7eb6c77a6d8db40329ce64f2a403e5b88468e34
20cb87efbd2dc2a2dd1c3d7b9a5a992e12ee182d0dbd6eaa058aadf9eadff1cf
4fc8fa2628fe779fa9c654cde2bd2612ba6da9869aeb3274774ded2508bc8862
6410b4f0d173835a6abbf481ddc30331f40ee206becd9d757ee67d47c85eb599
72cbf59e8283791be84e80cd8ba9817a33a93bc6d9754bca5d50ed0d34be45cd
87becac65df767f04096f8f2d7a6fd77069a232bac3877acd7d6576ec84e1df2
8e25b5e55b5b7c515c8557c78a26a31186b4ac385c6ba09f319539f84fc7ba0a
9473906317e09f09ea3177270bbba353e6e46b3456c75be700efadddc05e37b6
9830f95f756e5f5163e4ef4433cc6f054974a60a9b4cea4bac90fbae97a95d5c
c81210976fecc0af8f9cd7a3fedb62f2ca3d82b8c69a864383a31f6d3db7d998
cb3609d4264ad3f7d36c165d2816af7f3144aff9657365eab5a903f768c8eacb
d3fcf4415de78ab76509b5d1d02fcbce0eb9fdd7cfaa218edc0d187b56a6c491
f6d499439ceca209e3f3d9fa365af8972c283693b3b16fc48037206f24aad5e9
f7c0c9511fa547abb0e127deb0d5514b68b06c1cd6ade83ce8f22230eb16de76