URL: https://customers.youngmountain.com/
Submission: On September 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 77.244.250.189, located in Klosterneuburg, Austria and belongs to NESSUS, AT. The main domain is customers.youngmountain.com.
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.
This is the only time customers.youngmountain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
11        77.244.250.189   47692 (NESSUS)
1         142.250.185.200  15169 (GOOGLE)
2         31.13.92.14      32934 (FACEBOOK)
2         142.250.185.110  15169 (GOOGLE)
2         31.13.92.36      32934 (FACEBOOK)
18 requests in total, 5 IPs

Requests  Domain                       Requested by
7         customers.youngmountain.com  customers.youngmountain.com
3         api.qparks.com               customers.youngmountain.com, api.qparks.com
2         www.facebook.com             customers.youngmountain.com
2         www.google-analytics.com     www.googletagmanager.com, www.google-analytics.com
2         connect.facebook.net         customers.youngmountain.com, connect.facebook.net
1         www.googletagmanager.com     customers.youngmountain.com
1         qcms-pages.qparks.com        customers.youngmountain.com
18 requests in total, 7 hostnames

This site contains no links.

Subject                      Issuer                                  Validity                 Valid
customers.youngmountain.com  R3                                      2021-07-20 - 2021-10-18  3 months
api.qparks.com               R3                                      2021-09-02 - 2021-12-01  3 months
qcms-pages.qparks.com        R3                                      2021-09-02 - 2021-12-01  3 months
*.google-analytics.com       GTS CA 1C3                              2021-08-30 - 2021-11-22  3 months
*.facebook.com               DigiCert SHA2 High Assurance Server CA  2021-09-09 - 2021-12-08  3 months

This page contains 1 frames:

Primary Page: https://customers.youngmountain.com/
Frame ID: ACA33D39517CA4C8A7AF7FE7E1A63CF0
Requests: 18 HTTP requests in this frame

Page Title

Kundenbereich

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 5
Countries: 3
Transfer: 1104 kB
Size: 2577 kB
Cookies: 5

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
customers.youngmountain.com/
15 KB
4 KB
Document
General
Full URL
https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
d87396ffacb7b625001b69cae7cbedabe7137d1e4c3cfd4d060b63c2eaa3bf4b

Request headers

Host
customers.youngmountain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Server
Apache/2.4.10 (Debian)
Set-Cookie
QParks_Session=ul018agc63sjd3j46va12k83d6; path=/; secure; HttpOnly QParks_Session=pttk8mgad51g7a2ui9jao0jll3; path=/; secure; HttpOnly QParks_Session=pttk8mgad51g7a2ui9jao0jll3; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3632
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
api.qparks.com/action/minify/cust/cms/file/css/page/qparks-customers/
297 KB
51 KB
Stylesheet
General
Full URL
https://api.qparks.com/action/minify/cust/cms/file/css/page/qparks-customers/
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
a47803b5a25e71e3e93f2a25ec74de47b9b0749c99024d8554faf736ced91bfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 13:27:03 GMT
Server
Apache/2.4.10 (Debian)
ETag
"pub1629725223;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
52159
Expires
Sat, 18 Sep 2021 23:25:52 GMT
/
qcms-pages.qparks.com/action/picture/image/11118_ymm.png/
1 KB
1 KB
Image
General
Full URL
https://qcms-pages.qparks.com/action/picture/image/11118_ymm.png/
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
63e04eb717d2a9ab9f8b6e29f126f67909a27cb87f25bd7b4f669ef20f4cbdff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Last-Modified
Wed, 19 Apr 2017 10:21:47 GMT
Server
Apache/2.4.10 (Debian)
Content-Type
image/png
Cache-control
max-age=31536000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1193
Expires
Sun, 18 Sep 2022 22:55:52 +0000
logo-customers.jpg
customers.youngmountain.com/cms/pages/qparks-customers/img/
3 KB
3 KB
Image
General
Full URL
https://customers.youngmountain.com/cms/pages/qparks-customers/img/logo-customers.jpg
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
26ed3d41ef3d75a010b0592d7cf453d4057491021f65944d84a38afac6afc204

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Last-Modified
Mon, 13 Feb 2017 12:04:11 GMT
Server
Apache/2.4.10 (Debian)
ETag
"cca-548683ecd64c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3274
/
api.qparks.com/action/minify/cust/cms/file/js/page/qparks-customers/
625 KB
156 KB
Script
General
Full URL
https://api.qparks.com/action/minify/cust/cms/file/js/page/qparks-customers/
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
48e9d5239f754ffefd015d8d113a9ddea7c183ff21d5f68284ceda75f4343fb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 08:19:02 GMT
Server
Apache/2.4.10 (Debian)
ETag
"pub1599812342;gz"
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
158945
Expires
Sat, 18 Sep 2021 23:25:52 GMT
tinymce.min.js
customers.youngmountain.com/cms/thirdparty/tinymce/
392 KB
133 KB
Script
General
Full URL
https://customers.youngmountain.com/cms/thirdparty/tinymce/tinymce.min.js
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
58230fee58fbeca6a29086f3fdaadd46afd22cf8671465f238640ddddcbb205b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2016 22:08:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"61f9f-541ff21bc2e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
handlebars-v3.0.3.js
customers.youngmountain.com/cms/thirdparty/handlebars/
141 KB
32 KB
Script
General
Full URL
https://customers.youngmountain.com/cms/thirdparty/handlebars/handlebars-v3.0.3.js
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
9c1fdf4ff6660a874c83b0c53e1d79b819bd0fe93a5d8884556a19b5e8a201a7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2016 08:26:12 GMT
Server
Apache/2.4.10 (Debian)
ETag
"232d2-533ba8af81100-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
32814
initPage.js
customers.youngmountain.com/cms/js/pages/
2 KB
1 KB
Script
General
Full URL
https://customers.youngmountain.com/cms/js/pages/initPage.js
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
dc78bbb75c0eab89c060144075826b1b1f4ad1a56cfe93a3047fbf649108b0d1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Dec 2019 15:09:57 GMT
Server
Apache/2.4.10 (Debian)
ETag
"7f3-599d39ac05b40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
690
js
www.googletagmanager.com/gtag/
99 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11188673-36
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8b918b6036e631e80b14b64640c93a312b3a616f3061a8da22b30df58b970955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 22:55:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40286
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Sep 2021 22:55:52 GMT
print.css
customers.youngmountain.com/cms/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://customers.youngmountain.com/cms/css/print.css
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
7ad923e4427ed04046edc482c745868fa8340e90b0b363370f950533f2289c11

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Mar 2017 17:01:45 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d5e-54a3b15557040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
897
bg-customers.jpg
customers.youngmountain.com/cms/pages/qparks-customers/img/
471 KB
471 KB
Image
General
Full URL
https://customers.youngmountain.com/cms/pages/qparks-customers/img/bg-customers.jpg
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
42ec57bf334ddb6db4a5cab01a7f490e7fd2c8817100e7e0723eaeef85742fd9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://customers.youngmountain.com/
Cookie
QParks_Session=pttk8mgad51g7a2ui9jao0jll3
Connection
keep-alive

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Last-Modified
Mon, 13 Feb 2017 10:34:48 GMT
Server
Apache/2.4.10 (Debian)
ETag
"75caa-54866ff248200"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
482474
fontawesome-webfont.woff2
api.qparks.com/cms/thirdparty/fontawesome/
75 KB
76 KB
Font
General
Full URL
https://api.qparks.com/cms/thirdparty/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: api.qparks.com
URL: https://api.qparks.com/action/minify/cust/cms/file/css/page/qparks-customers/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.244.250.189 Klosterneuburg, Austria, ASN47692 (NESSUS, AT),
Reverse DNS
ip077244250189.rev.nessus.at
Software
Apache/2.4.10 (Debian) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://api.qparks.com/action/minify/cust/cms/file/css/page/qparks-customers/
Origin
https://customers.youngmountain.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 22:55:52 GMT
Last-Modified
Thu, 27 Oct 2016 14:51:44 GMT
Server
Apache/2.4.10 (Debian)
ETag
"12d68-53fd9e14e2000"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
77160
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
VlurMF6MBns1RuQ2p5lVsiTtFrmWRwBo78UtpHQTlieVXexIk2P7dozrSk5Fu+6LZvMbJxO2t1A12SLCxlCKDQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 18 Sep 2021 22:55:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11188673-36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
535
date
Sat, 18 Sep 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 00:46:57 GMT
1730700703826299
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1730700703826299?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
f3515c7e1e6584a658801c8cd3724aa9e047386ea20f49ff168f5b5655186648
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
dj/PQ1/i+4PA2h9wlKjeBS1J5H2ha5CsgfXYbGpAJHTbM/+sIWmD1t+gmsEyyvRhV0EyPdkHyABTYaxIYQ+lXg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 18 Sep 2021 22:55:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=415689743&t=pageview&_s=1&dl=https%3A%2F%2Fcustomers.youngmountain.com%2F&ul=en-us&de=UTF-8&dt=Kundenbereich&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=587613871&gjid=969634564&cid=2070330592.1632005753&tid=UA-11188673-36&_gid=1678319290.1632005753&_r=1&gtm=2ou9f0&z=232064797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://customers.youngmountain.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Sep 2021 22:55:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://customers.youngmountain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1730700703826299&ev=PageView&dl=https%3A%2F%2Fcustomers.youngmountain.com%2F&rl=&if=false&ts=1632005752826&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632005752824.913322365&it=1632005752680&coo=false&rqm=GET
Requested by
Host: customers.youngmountain.com
URL: https://customers.youngmountain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 22:55:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 18 Sep 2021 22:55:52 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1730700703826299&ev=Microdata&dl=https%3A%2F%2Fcustomers.youngmountain.com%2F&rl=&if=false&ts=1632005753333&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kundenbereich%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632005752824.913322365&it=1632005752680&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customers.youngmountain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 22:55:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 18 Sep 2021 22:55:53 GMT

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| dropZoneHandler function| appHandlerErrors function| appHandlerForms function| appHandlerFilters function| appHandlerStorage function| appHandlerInputs function| appFacebook function| appHandlermages function| ymApps function| ymSetup function| ymFunslope function| ymVoting function| ymMessages function| ymUsers function| ymSocialRegister function| ymLikes function| ymMedia function| ymGallery function| ymDashboard function| ymTextblocks function| ymPaging function| ymTourStop function| ymPolls function| ymContactForm function| ymPages function| $ function| jQuery function| EventEmitter object| eventie function| imagesLoaded function| moment function| PhotoSwipe function| PhotoSwipeUI_Default function| Dropzone function| tinysort function| fbAsyncInit number| mce-data-1ffthv1or object| tinyMCE object| tinymce object| Handlebars object| ymSettings string| gaProperty string| disableStr function| gaOptout function| gtag object| dataLayer string| disableStrPixel function| pixelOptout function| fbq function| _fbq object| errorHandler object| formHandler object| inputHandler object| filterHandler object| storageHandler object| imagesHandler object| appYm object| facebookHandler object| appYmPages object| appYmSetup object| appYmVoting object| appYmMessages object| appYmUsers object| appYmSocialRegister object| appYmLikes object| appYmMedia object| appYmGallery object| appYmDashboard object| appYmTextblocks object| appYmPaging object| appYmTourStop object| appYmPolls object| appYmContactForm object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path                   Name                      Value
customers.youngmountain.com/  QParks_Session            pttk8mgad51g7a2ui9jao0jll3
.youngmountain.com/           _ga                       GA1.2.2070330592.1632005753
.youngmountain.com/           _gid                      GA1.2.1678319290.1632005753
.youngmountain.com/           _gat_gtag_UA_11188673_36  1
.youngmountain.com/           _fbp                      fb.1.1632005752824.913322365

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
