urlscan.io logo urlscan.io
SecurityTrails logo

mepos.stg.me-team.org Open in urlscan Pro
88.99.6.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booking.stg.me-pos.com/
Effective URL: https://mepos.stg.me-team.org/
Submission: On July 12 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 88.99.6.85, located in Aachen, Germany and belongs to HETZNER-AS, DE. The main domain is mepos.stg.me-team.org.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time mepos.stg.me-team.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 88.99.6.85 24940 (HETZNER-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
5 172.253.63.155 15169 (GOOGLE)
2 172.253.62.154 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 138.201.193.240 24940 (HETZNER-AS)
1 172.253.115.105 15169 (GOOGLE)
22 9
7    88.99.6.85 (Aachen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: k3s-node1.me-team.org
booking.stg.me-pos.com
mepos.stg.me-team.org
1    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
pagead2.googlesyndication.com
2    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads.g.doubleclick.net
1    2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    138.201.193.240 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: k3s-node2.me-team.org
mepos.stg.me-team.org
1    172.253.115.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f105.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 180
247 KB
5 me-pos.com
booking.stg.me-pos.com
2 MB
3 me-team.org
mepos.stg.me-team.org Failed
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 69
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 428
fonts.googleapis.com — Cisco Umbrella Rank: 74
32 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
22 6
Domain Requested by
5 pagead2.googlesyndication.com booking.stg.me-pos.com
pagead2.googlesyndication.com
5 booking.stg.me-pos.com booking.stg.me-pos.com
3 mepos.stg.me-team.org booking.stg.me-pos.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 fonts.googleapis.com booking.stg.me-pos.com
1 ajax.googleapis.com booking.stg.me-pos.com
22 8

This site contains no links.

Subject Issuer Validity Valid
booking.stg.me-pos.com
R10		 2024-07-12 -
2024-10-10		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
mepos.stg.me-team.org
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://mepos.stg.me-team.org/
Frame ID: DA059E252A3A5488771280F940E9AF84
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Frame ID: 849CCD1A05B48CB39CFC96BFB5D38B55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7056109210876208&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1706530459&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbooking.stg.me-pos.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~28_22~27_4~29_11~30_19&aiixl=32_9~28_4~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720777770630&bpp=4&bdt=374&idt=309&shv=r20240709&mjsv=m202407080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7233649009021&frm=20&pv=2&ga_vid=721153366.1720777771&ga_sid=1720777771&ga_hid=280719288&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95331833%2C95334510%2C95334528%2C95334580%2C95334829%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3698137458422875&tmod=1032403784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 037C9A393A58B12DB8F06F14AAFE3889
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 575FD200CE04D82138BCC18327565A8D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 941AAE3A7937309AEA6EEEF804CDEA84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 Not Found

Page URL History Show full URLs

  1. https://booking.stg.me-pos.com/ Page URL
  2. https://mepos.stg.me-team.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

91 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

1897 kB
Transfer

2411 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.stg.me-pos.com/ Page URL
  2. https://mepos.stg.me-team.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
booking.stg.me-pos.com/ 		880 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booking.stg.me-pos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
1c86dcddd88c0ad13e0db4472cf77e3015f69b380766c26a79887e35be538ce0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
880
content-type
text/html
date
Fri, 12 Jul 2024 09:49:30 GMT
etag
"65b7969b-370"
last-modified
Mon, 29 Jan 2024 12:14:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 16:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jul 2025 16:03:41 GMT
main.491485aa.js
booking.stg.me-pos.com/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.stg.me-pos.com/static/js/main.491485aa.js
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
f062d6c2971b9736b5b12a9c921f353c137d5f2ca344177ee79c82a88be44aec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 29 Jan 2024 12:14:19 GMT
accept-ranges
bytes
etag
"65b7969b-12ccad"
content-length
1232045
content-type
application/javascript
main.9c9b59e3.css
booking.stg.me-pos.com/static/css/ 		402 KB
403 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking.stg.me-pos.com/static/css/main.9c9b59e3.css
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
b7edee09d7d90c211863fd93b8048df0971d19fb536b22105abdf2e4a3a06b8f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 29 Jan 2024 12:14:19 GMT
accept-ranges
bytes
etag
"65b7969b-646ed"
content-length
411373
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7056109210876208
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
b217267e64c1ec1dc1018bf9a7a8f2fba9e2094497ec2ffaf67ea529375ad82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
Origin
https://booking.stg.me-pos.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53410
x-xss-protection
0
server
cafe
etag
15897050370459500505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 12 Jul 2024 09:49:30 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7056109210876208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
5443300405b5610e747d863c49f6a8a81f99b9f186d64cfcbd43fc614134f4e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33167
x-xss-protection
0
server
cafe
etag
9183908164503938450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jul 2024 09:49:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7056109210876208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
566588b3b5c54b713722b840266eaf18b3b90da37dac071c8d2b7bd0f19fe487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146653
x-xss-protection
0
server
cafe
etag
2321053573151105355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jul 2024 09:49:30 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7056109210876208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame 849C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
56746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 18:03:45 GMT
etag
2738592464165616
expires
Thu, 25 Jul 2024 18:03:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 037C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7056109210876208&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1706530459&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbooking.stg.me-pos.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~28_22~27_4~29_11~30_19&aiixl=32_9~28_4~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720777770630&bpp=4&bdt=374&idt=309&shv=r20240709&mjsv=m202407080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7233649009021&frm=20&pv=2&ga_vid=721153366.1720777771&ga_sid=1720777771&ga_hid=280719288&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95331833%2C95334510%2C95334528%2C95334580%2C95334829%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3698137458422875&tmod=1032403784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jul 2024 09:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ 		408 B
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cookie&display=swap
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/static/css/main.9c9b59e3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37665f59cabe32433c647926b9830855ca12545eae536f749d7735aa93d11041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jul 2024 09:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jul 2024 09:04:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jul 2024 09:49:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240709&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
4f0758c5beb2dd12501925d4aae5a2a08fae0f548cc7aeb20b476b7b73047337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12842
x-xss-protection
0
translation.json
booking.stg.me-pos.com/locales/en/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://booking.stg.me-pos.com/locales/en/translation.json
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/static/js/main.491485aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
741defb20b645557db9987908668560f3faaaaea70946cc4931cf0ea7bb57f95
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 29 Jan 2024 12:13:41 GMT
accept-ranges
bytes
etag
"65b79675-17ed"
content-length
6125
content-type
application/json
/
mepos.stg.me-team.org/ 		0
0
favicon.ico
booking.stg.me-pos.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://booking.stg.me-pos.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 29 Jan 2024 12:13:41 GMT
accept-ranges
bytes
etag
"65b79675-47e"
content-length
1150
content-type
image/x-icon
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 09:49:32 GMT
Primary Request /
mepos.stg.me-team.org/ 		548 B
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mepos.stg.me-team.org/
Requested by
Host: booking.stg.me-pos.com
URL: https://booking.stg.me-pos.com/static/js/main.491485aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://booking.stg.me-pos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
548
content-type
text/html
date
Fri, 12 Jul 2024 09:49:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
/
mepos.stg.me-team.org/graphql/ 		0
0
/
mepos.stg.me-team.org/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mepos.stg.me-team.org/graphql/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.193.240 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node2.me-team.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,service-key-name
Access-Control-Request-Method
POST
Origin
https://booking.stg.me-pos.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
548
content-type
text/html
date
Fri, 12 Jul 2024 09:49:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 575F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.stg.me-pos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
303320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jul 2024 21:34:12 GMT
expires
Tue, 08 Jul 2025 21:34:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 941A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QBSbIla_0XQ8tIcs2C_NNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.stg.me-pos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QBSbIla_0XQ8tIcs2C_NNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jul 2024 09:49:32 GMT
expires
Fri, 12 Jul 2024 09:49:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
mepos.stg.me-team.org/ 		548 B
660 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mepos.stg.me-team.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.6.85 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k3s-node1.me-team.org
Software
/
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mepos.stg.me-team.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 09:49:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
548
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mepos.stg.me-team.org
URL
https://mepos.stg.me-team.org/
Domain
mepos.stg.me-team.org
URL
https://mepos.stg.me-team.org/graphql/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

4 Console Messages

Source Level URL
Text
javascript error URL: https://booking.stg.me-pos.com/
Message:
Access to fetch at 'https://mepos.stg.me-team.org/graphql/' from origin 'https://booking.stg.me-pos.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mepos.stg.me-team.org/graphql/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mepos.stg.me-team.org/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mepos.stg.me-team.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains