urlscan.io logo urlscan.io
SecurityTrails logo

img.mcag.de Open in urlscan Pro
5.35.226.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://img.mcag.de/
Effective URL: https://img.mcag.de/
Submission: On May 23 via api from IT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 5.35.226.77, located in Germany and belongs to GODADDY, DE. The main domain is img.mcag.de.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on July 20th 2023. Valid for: a year.
This is the only time img.mcag.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 5.35.226.77 20773 (GODADDY)
8 148.251.5.29 24940 (HETZNER-AS)
20 3
Apex Domain
Subdomains		 Transfer
12 mcag.de
img.mcag.de
377 KB
8 ccm19.de
cloud.ccm19.de — Cisco Umbrella Rank: 141860
45 KB
20 2
Domain Requested by
12 img.mcag.de img.mcag.de
8 cloud.ccm19.de img.mcag.de
cloud.ccm19.de
20 2

This site contains links to these domains. Also see Links.

Domain
www.managementcircle.de
www.ccm19.de
Subject Issuer Validity Valid
*.mcag.de
Starfield Secure Certificate Authority - G2		 2023-07-20 -
2024-08-19		 a year crt.sh
cloud.ccm19.de
R3		 2024-05-11 -
2024-08-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://img.mcag.de/
Frame ID: 4C31DA3175F157DFE6DFBD25FB1939CF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lychee - Albums

Page URL History Show full URLs

  1. http://img.mcag.de/ HTTP 307
    https://img.mcag.de/ Page URL

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

422 kB
Transfer

540 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://img.mcag.de/ HTTP 307
    https://img.mcag.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
img.mcag.de/
Redirect Chain
  • http://img.mcag.de/
  • https://img.mcag.de/
60 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
58fb449e4458e80f65b4a7d13e396c4eb12192815675908ec72606554a02e0ac

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
61472
Content-Type
text/html
Date
Thu, 23 May 2024 09:47:20 GMT
ETag
"f020-5e57a55e66d43"
Last-Modified
Fri, 05 Aug 2022 08:34:33 GMT
Server
Apache

Redirect headers

Location
https://img.mcag.de/
Non-Authoritative-Reason
HttpsUpgrades
main.css
img.mcag.de/dist/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/dist/main.css
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
c907215e6441ab4f963eb0743773380f6f637890823f8cf720fd8f163ddfd21d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 04 May 2017 09:48:03 GMT
Server
Apache
ETag
"7814-54eafab46c4e0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30740
app.js
cloud.ccm19.de/ 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/app.js?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
a0fdb9ce4b18c45a892bc34807c65d78ccd7b8d8bda2c21634e978e470ade3ad
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date
Thu, 23 May 2024 09:47:20 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-encoding
br
age
1930
x-powered-by
PHP/8.1.28
content-length
23199
server
Apache/2.4.59 (Ubuntu)
etag
"N55T4peTyePZ4ATzrZCCDJ51ujn3zIs3-br"
x-frame-options
sameorigin
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public, stale-if-error=3600, stale-while-revalidate=3600
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
access-control-max-age
3600
x-robots-tag
noindex, nofollow
link
<https://cloud.ccm19.de/app.css?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&v=1715175300>;rel="preload";as="style";nopush, <https://cloud.ccm19.de/widget?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&lang=de_DE&v=1715175300>;rel="preload";as="fetch";crossorigin="anonymous";nopush
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
main.js
img.mcag.de/dist/ 		188 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/dist/main.js
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
f5466705ac6f8623379b8433e235f1d56f8131f3066814a391128018b1b7f81f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 04 May 2017 09:48:03 GMT
Server
Apache
ETag
"2f123-54eafab471300"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
192803
app.css
cloud.ccm19.de/ 		42 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/app.css?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&v=1715175300
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
b2df32fb11edea7483a98bd07b4331ecd0a00261de6b4bd2c155f9d5da8c206b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
date
Thu, 23 May 2024 09:47:20 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
age
66345
x-powered-by
PHP/8.1.28, PHP/8.1.28
content-length
6754
last-modified
Wed, 08 May 2024 13:35:00 GMT
server
Apache/2.4.59 (Ubuntu)
etag
"N55T4lbuFuxDNPmUJfnSWzlgXLpZXhli-br"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
immutable, max-age=31536000, public, immutable, max-age=31536000, public
access-control-allow-credentials
true
access-control-max-age
3600
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
widget
cloud.ccm19.de/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/widget?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&lang=de_DE&v=1715175300
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
876529fa83a511afbe04644f7a64b553a8258ca9d4fe76cea92e63c77b2bd5dc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Origin
https://img.mcag.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:47:20 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
age
89070
x-powered-by
PHP/8.1.28, PHP/8.1.28
content-length
1595
server
Apache/2.4.59 (Ubuntu)
etag
"N55T4igrnVCtqZ2jOjaisS+Uyh7cXEwM-br"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-language
de-DE
access-control-allow-origin
*
content-type
text/x-html-fragment; charset=utf-8
cache-control
immutable, max-age=2592000, public, immutable, max-age=2592000, public
access-control-allow-credentials
true
access-control-max-age
3600
x-robots-tag
noindex
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
module.js
cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/module.js?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&lang=de_DE&v=1715175300
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
3a336847664b22a63ab4629335c35171e5c85346a0ea88485bfe55f00ce3f7cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
strict-transport-security
max-age=16000000; includeSubDomains; preload
x-powered-by
PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
etag
"N55T4u2b1/UAjACy5FJHfWFO/XK3k3nI-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
immutable, max-age=31536000, public
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
access-control-max-age
3600
x-robots-tag
noindex
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
x-frame-options
sameorigin
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
index.php
img.mcag.de/php/ 		64 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/php/index.php
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/dist/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
9030b1d4bceda519527ba29b8df654627eac457aefd9abf430e9058916cf2c3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.mcag.de/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 23 May 2024 09:47:20 GMT
Server
Apache
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
64
Expires
Thu, 19 Nov 1981 08:52:00 GMT
consent
cloud.ccm19.de/statistics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://img.mcag.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
access-control-max-age
3600
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date
Thu, 23 May 2024 09:47:20 GMT
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server
Apache/2.4.59 (Ubuntu)
strict-transport-security
max-age=16000000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
PHP/8.1.28
details
cloud.ccm19.de/widget/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/widget/details?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee&lang=de_DE&v=1715175300
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Origin
https://img.mcag.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date
Thu, 23 May 2024 09:47:20 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-encoding
br
age
92673
x-powered-by
PHP/8.1.28
content-length
4863
server
Apache/2.4.59 (Ubuntu)
etag
"N55T4ndbN/g/udq9/z8+Tv9m/N8xz1A0-br"
access-control-max-age
3600
access-control-allow-methods
GET,POST,PUT
content-language
de-DE
access-control-allow-origin
*
content-type
text/x-html-fragment; charset=utf-8
cache-control
immutable, max-age=31536000, public
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
vary
Accept-Encoding
x-robots-tag
noindex
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
x-frame-options
sameorigin
consent
cloud.ccm19.de/statistics/ 		16 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7&gen=2&theme=62eccb00030a67077f07fdee
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=96a37d12525a576eeaa40a2782713413e99183f5fd4c2b90&domain=62eccb00030a67077f07fde7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 May 2024 09:47:20 GMT
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-encoding
gzip
x-powered-by
PHP/8.1.28
content-length
36
server
Apache/2.4.59 (Ubuntu)
access-control-max-age
3600
access-control-allow-methods
GET,POST,PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options
sameorigin
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
vary
Accept-Encoding
settings-icon
cloud.ccm19.de/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.ccm19.de/settings-icon?user=61e14e3eae40105f5d40a189&domain=62eccb00030a67077f07fde7&theme=62eccb00030a67077f07fdee&v=1689075531
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
de4c1e8c7b2578e8d51c8fa3a8952061b0ece7041138f9af5941f300f49133f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://update.ccm19.de; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; font-src 'self' ; img-src 'self' data: https://www.ccm19.de; frame-ancestors 'self'; form-action 'self' https:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:47:20 GMT
content-security-policy
default-src 'self'; connect-src 'self' https://update.ccm19.de; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; font-src 'self' ; img-src 'self' data: https://www.ccm19.de; frame-ancestors 'self'; form-action 'self' https:
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-encoding
gzip
server
Apache/2.4.59 (Ubuntu)
x-powered-by
PHP/8.1.28
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=450, public
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
content-length
1996
index.php
img.mcag.de/php/ 		596 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/php/index.php
Requested by
Host: img.mcag.de
URL: https://img.mcag.de/dist/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
0dc56811071811a990f350ed81d95f4318b63c07e2af4b1040265f77d1d5c01f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.mcag.de/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 23 May 2024 09:47:20 GMT
Server
Apache
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
596
Expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
img.mcag.de/ 		33 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://img.mcag.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
70cb972aee61b43a0e2310b1fabd94303856127fa073ec02a7965745165aa6c0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 04 May 2017 09:47:50 GMT
Server
Apache
ETag
"8284-54eafaa88a4c3"
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33412
ac55e4e2261cfdc667cb63b706cccbeb.jpeg
img.mcag.de/uploads/thumb/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/ac55e4e2261cfdc667cb63b706cccbeb.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
01dcf296253c365be368dea734b1ebb4a0f86b40cb8cc3bb59ab0aaf9a637785

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 25 Apr 2024 11:31:53 GMT
Server
Apache
ETag
"20cc-616ea22421092"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8396
0edf0ff47dd1b7fa95bd40cb84876191.jpeg
img.mcag.de/uploads/thumb/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/0edf0ff47dd1b7fa95bd40cb84876191.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
c94a3f468a032cc58a10b79a4ea4f31d6c508637f6fb6c9de845c2430fc386fa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 25 Apr 2024 11:39:32 GMT
Server
Apache
ETag
"3518-616ea3d9e6aab"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13592
4d83f55f37d01af950c0c72844a1035a.jpeg
img.mcag.de/uploads/thumb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/4d83f55f37d01af950c0c72844a1035a.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
222ba68b556938894513414ad30af07391a2c7cbd7c7305703ee58b2944bf86b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Thu, 25 Apr 2024 11:44:04 GMT
Server
Apache
ETag
"3099-616ea4ddb6f0f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12441
4f7e96e10c985f198e6da85e82e1e09a.jpeg
img.mcag.de/uploads/thumb/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/4f7e96e10c985f198e6da85e82e1e09a.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
859bb65a8cf700653ef1da86839d9f46ef4cae51c29ee3b55114ec781106d891

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Wed, 22 May 2024 14:42:50 GMT
Server
Apache
ETag
"1dfd-6190bf2daccf9"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7677
7dad8b5c51b71a516f6172b930c180a6.jpeg
img.mcag.de/uploads/thumb/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/7dad8b5c51b71a516f6172b930c180a6.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
6193e4b9af24aed16c8ffca91df0ddc09fca7acdc413f0fb6ac64547dcba9a90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Fri, 03 May 2019 13:58:48 GMT
Server
Apache
ETag
"28c4-587fc265dce6c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10436
ffc4e882277254822d2b2611231c02ba.jpeg
img.mcag.de/uploads/thumb/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mcag.de/uploads/thumb/ffc4e882277254822d2b2611231c02ba.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.35.226.77 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
wp308.webpack.hosteurope.de
Software
Apache /
Resource Hash
2086ba4ee9b7af606546f5f2ce23256ce30f1c81b568bc56c651474f1658f7b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.mcag.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 09:47:20 GMT
Last-Modified
Tue, 12 May 2020 08:40:33 GMT
Server
Apache
ETag
"2abf-5a56f6ab74f79"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10943

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Ccm19Plugins object| CCM function| _taggedTemplateLiteral function| gup object| _templateObject object| _templateObject2 object| _templateObject3 object| _templateObject4 object| _templateObject5 object| _templateObject6 object| _templateObject7 object| _templateObject8 object| _templateObject9 object| _templateObject10 object| _templateObject11 object| _templateObject12 object| _templateObject13 object| _templateObject14 object| _templateObject15 object| _templateObject16 object| _templateObject17 object| _templateObject18 object| _templateObject19 object| _templateObject20 object| _templateObject21 object| _templateObject22 object| _templateObject23 object| _templateObject24 object| _templateObject25 object| _templateObject26 object| _templateObject27 object| _templateObject28 object| _templateObject29 object| _templateObject30 object| _templateObject31 object| _templateObject32 object| _templateObject33 object| _templateObject34 object| _templateObject35 object| _templateObject36 object| _templateObject37 object| _templateObject38 object| _templateObject39 object| _templateObject40 object| _templateObject41 function| $ function| jQuery function| Mousetrap object| basicContext object| basicModal object| album object| albums object| api object| build object| contextMenu object| header object| loadingBar object| lychee object| multiselect object| password object| photo object| search object| settings object| sidebar object| swipe object| upload object| view object| visible object| dataLayer

1 Cookies

Domain/Path Name / Value
img.mcag.de/ Name: PHPSESSID
Value: 2a06c0e0541fa37d3f84673714ac5721

4 Console Messages

Source Level URL
Text
rendering error URL: https://img.mcag.de/(Line 30)
Message:
Error: <symbol> attribute viewBox: Expected number, "��\u0001\nNV����\u0001\nNV��…".
rendering error URL: https://img.mcag.de/(Line 35)
Message:
Error: <path> attribute d: Expected number, "…99.483-1.063.469-��\u0001\nNV����\u0001\nNV�…".
rendering error URL: https://img.mcag.de/(Line 154)
Message:
Error: <symbol> attribute viewBox: Expected number, "��\u0001\nNV����\u0001\nNV��…".
rendering error URL: https://img.mcag.de/(Line 154)
Message:
Error: <svg> attribute viewBox: Expected number, "��\u0001\nNV����\u0001\nNV��…".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.ccm19.de
img.mcag.de
148.251.5.29
5.35.226.77
01dcf296253c365be368dea734b1ebb4a0f86b40cb8cc3bb59ab0aaf9a637785
0dc56811071811a990f350ed81d95f4318b63c07e2af4b1040265f77d1d5c01f
2086ba4ee9b7af606546f5f2ce23256ce30f1c81b568bc56c651474f1658f7b5
222ba68b556938894513414ad30af07391a2c7cbd7c7305703ee58b2944bf86b
3a336847664b22a63ab4629335c35171e5c85346a0ea88485bfe55f00ce3f7cc
58fb449e4458e80f65b4a7d13e396c4eb12192815675908ec72606554a02e0ac
6193e4b9af24aed16c8ffca91df0ddc09fca7acdc413f0fb6ac64547dcba9a90
70cb972aee61b43a0e2310b1fabd94303856127fa073ec02a7965745165aa6c0
859bb65a8cf700653ef1da86839d9f46ef4cae51c29ee3b55114ec781106d891
876529fa83a511afbe04644f7a64b553a8258ca9d4fe76cea92e63c77b2bd5dc
9030b1d4bceda519527ba29b8df654627eac457aefd9abf430e9058916cf2c3b
a0fdb9ce4b18c45a892bc34807c65d78ccd7b8d8bda2c21634e978e470ade3ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2df32fb11edea7483a98bd07b4331ecd0a00261de6b4bd2c155f9d5da8c206b
c907215e6441ab4f963eb0743773380f6f637890823f8cf720fd8f163ddfd21d
c94a3f468a032cc58a10b79a4ea4f31d6c508637f6fb6c9de845c2430fc386fa
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
de4c1e8c7b2578e8d51c8fa3a8952061b0ece7041138f9af5941f300f49133f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5466705ac6f8623379b8433e235f1d56f8131f3066814a391128018b1b7f81f