hersheycontest.avatarclient.net Open in urlscan Pro
2606:4700:3032::6815:4b97  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response hersheycontest.avatarclient.net/	2 KB 1 KB	614ms 440ms	Document text/html	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29d8754a3281399176da1d16a0defb03899de0220673368eeea81582395cd3fc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a96def29a5f18f1-FRA content-encoding br content-type text/html date Fri, 26 Jul 2024 19:42:05 GMT last-modified Thu, 09 Nov 2023 19:04:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEX2Mltky1M5QFmEt0EO%2Fc3mspFb49piCqxJKgG9jHxWJExdxen6diqtMRJPWtUsJi8WT%2FpSmWYJhSa0hfD%2BfguKMgnr1BdctsM3CPUvS1G6HV2FuEGIuNYKhrCPKt238F0TlQ%2F%2FiU1VJZ29wxo1Poh5%2FkcYV5hJnxYorA0h"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-cod-country DE x-cod-region Hesse x-cod-region-code HE
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 988 B	32ms 16ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 608036b7b63915f5248f6d091b2dee04221549a4f4b468e3bad05e85b2b17b3d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 26 Jul 2024 19:42:05 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	195 KB 71 KB	45ms 24ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-145010765-4 Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bcbc2fe08390e6a346675f2027a1c6daef14ccaa7246aaa7fd3a17438bee35c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72330 x-xss-protection 0 last-modified Fri, 26 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Jul 2024 19:42:05 GMT
GET H3	200	app.9e3b04e2.css hersheycontest.avatarclient.net/css/	31 KB 6 KB	440ms 439ms	Stylesheet text/css	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/css/app.9e3b04e2.css Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b25369ccf609873b893fbad042c47c28d148e7db833f95dc351f64074d82981 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:06 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Nov 2023 19:05:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-cod-region Hesse vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F79pYCr5p5tgyJp0d7W2qS6kMSi9lbb1%2Bg7NZm%2FVqjlySBRZpY2E8fysK71opybgDw6Z1sGpqvwAKByEMNU0BB%2F7FbwVKRDLdiyo3SnBFB3K%2BvK6ghps9wgfcHbjpXXz4zMERmFPPi05LNX9NZEdwKpewancPuYwWEX5lVFY"}],"group":"cf-nel","max_age":604800} content-type text/css x-cod-region-code HE cache-control public, max-age=2678400 cf-ray 8a96def56e0b18f1-FRA alt-svc h3=":443"; ma=86400 x-cod-country DE
GET H3	200	app.5497b3a1.js Show response hersheycontest.avatarclient.net/js/	42 KB 13 KB	576ms 576ms	Script application/javascript	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/js/app.5497b3a1.js Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f98c929613cda73e0ad246eabc33732cfab040f58d6478c7f62931e245d481 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:06 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Nov 2023 19:05:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-cod-region Hesse vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0DcsTg6isqi6zSMz2E8aY7WRyJm83WyLZf%2FLV0X0Y7izI%2FXpwfYfkn5eSwbvw8mbap70rV4Jp62bnnPRweSDGzDGKT4iGN4%2Fi1shlLoJsPTugFJgtRR%2FbfpyfeiXyClfHI%2FFUs%2FvKWwcNkuHPPG14PBbR%2FuxbyzPEgkbl0p"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cod-region-code HE cache-control public, max-age=2678400 cf-ray 8a96def56e0c18f1-FRA alt-svc h3=":443"; ma=86400 x-cod-country DE
GET H3	200	chunk-vendors.9e7a92b0.js Show response hersheycontest.avatarclient.net/js/	170 KB 61 KB	735ms 734ms	Script application/javascript	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/js/chunk-vendors.9e7a92b0.js Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4ea98a3fcb4e6f2469ea56c3dd8300b063dfa0634f3bdee8eb562413aa1aa5a Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:06 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Nov 2023 19:06:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-cod-region Hesse vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oFCVXpl9A%2FbtzTZ41s1IT91NE%2BduL2pWbfT0v183UxxmNZSjDfXXwyB7ZFKsHSm7xpLcA0iVfXvfTEK7B3PKhHXvFBV177lwp7uHb2VHO2fMhVCYVrNYBJ4Tq8QiMJrKJDuL8xgVsdw3p79nNy6mW0QFrhP47O0dKvZulDM"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cod-region-code HE cache-control public, max-age=2678400 cf-ray 8a96def56e0d18f1-FRA alt-svc h3=":443"; ma=86400 x-cod-country DE
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/	533 KB 213 KB	33ms 6ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hersheycontest.avatarclient.net/ Origin https://hersheycontest.avatarclient.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 13:47:15 GMT content-encoding gzip x-content-type-options nosniff age 21290 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 216982 x-xss-protection 0 last-modified Mon, 22 Jul 2024 21:52:36 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 26 Jul 2025 13:47:15 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-145010765-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 26 Jul 2024 18:53:22 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2923 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 26 Jul 2024 20:53:22 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 216 B	15ms 15ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=398420924&t=pageview&_s=1&dl=https%3A%2F%2Fhersheycontest.avatarclient.net%2F&ul=de-de&de=UTF-8&dt=Hershey%20-%20Reeseter%20Egg%20Hunt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=297107355&gjid=2113026295&cid=102500056.1722022926&tid=UA-145010765-4&_gid=1335012572.1722022926&_r=1&gtm=457e47o0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&jsscut=1&npa=1&z=1562595216 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 26 Jul 2024 19:42:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hersheycontest.avatarclient.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	egg_left.2c30d099.png hersheycontest.avatarclient.net/img/	262 KB 262 KB	832ms 831ms	Image image/png	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hersheycontest.avatarclient.net/img/egg_left.2c30d099.png Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f2f4f98431a6edd4b4e999a8c5b4f5c20abd219a08c2313ce557d568fc41ab7 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:07 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cod-region Hesse alt-svc h3=":443"; ma=86400 content-length 268199 x-cod-country DE last-modified Thu, 09 Nov 2023 19:06:47 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVgNako7IBML6TmulJAczMLRY52kaa2KxIjQDSiAropsOOYHfsn37zbWfeK41zrVcEl2HXbVWptSMzaf4MxtMZI6O5IPeyVIf78Ij2barbNaUqAZjKhla3kVk3JgDI3WRngZhoL%2BcGnkhkifMnokK2NQ9FahX4d1IqptBjPQ"}],"group":"cf-nel","max_age":604800} content-type image/png x-cod-region-code HE cache-control public, max-age=2678400 accept-ranges bytes cf-ray 8a96defa3db518f1-FRA
GET H3	200	egg_shadow.2aa94276.png hersheycontest.avatarclient.net/img/	5 KB 6 KB	443ms 443ms	Image image/png	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hersheycontest.avatarclient.net/img/egg_shadow.2aa94276.png Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f45082be32b27dd3f4beb41967217b84e08e7abbef9c770d15533ac22a1d5eec Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:06 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cod-region Hesse alt-svc h3=":443"; ma=86400 content-length 5224 x-cod-country DE last-modified Thu, 09 Nov 2023 19:06:48 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FhAYnjM6spJM859gCmxTfGjXpNQq0Vv6GAH3mueFQaK9BQTgaa%2BpOwik6Dwc5t5n1n9FX7MgmQM3Mzt8K2OrcsbP8csgoM9IIkgbMMA4UCC5au61Kcv6wgYLnAbTTtkBzBM6H7hDqv%2BjGhpjqvWqT1de6xNBrKmI4%2FRq%2BoM"}],"group":"cf-nel","max_age":604800} content-type image/png x-cod-region-code HE cache-control public, max-age=2678400 accept-ranges bytes cf-ray 8a96defa3db918f1-FRA
GET H3	200	egg_right.58008e29.png hersheycontest.avatarclient.net/img/	230 KB 231 KB	733ms 732ms	Image image/png	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hersheycontest.avatarclient.net/img/egg_right.58008e29.png Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53dbc270573486fa53ea0c276555621180b2b08d65dae8641c3002ff809ba8a Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:07 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cod-region Hesse alt-svc h3=":443"; ma=86400 content-length 235881 x-cod-country DE last-modified Thu, 09 Nov 2023 19:06:45 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FO%2BWyyy8U%2BtHdwm4nNGPHQosZC14erXIbBJ%2FobV4dvhWLH57GpuoPlAS9%2B%2BFc5x8CrsQYjugchWDSN%2BGzfgxKqJLLtwfPmUrbxxEyD4DEzH517yGIgTQXamxlWFKL0M%2BNJJPgq21pMT8AOPoaH0ICw9qRF05vBbs9a1EDMVt"}],"group":"cf-nel","max_age":604800} content-type image/png x-cod-region-code HE cache-control public, max-age=2678400 accept-ranges bytes cf-ray 8a96defa3dbc18f1-FRA
GET H3	200	egg_beta.9ab6ed76.png hersheycontest.avatarclient.net/img/	67 KB 67 KB	710ms 710ms	Image image/png	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hersheycontest.avatarclient.net/img/egg_beta.9ab6ed76.png Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28852263536f906448dae5509cb57297da5f43929ca6502d5a287f0f99e52379 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:07 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cod-region Hesse alt-svc h3=":443"; ma=86400 content-length 68542 x-cod-country DE last-modified Thu, 09 Nov 2023 19:06:49 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFfuverRJLpGqu6NWr9Zj5DKBh1JYgShwz3TT3SgJgmnAyIEzmksvR2HzDllUZaWKtgFsR4ldF36fKeQh%2BhecgJak%2Fg3NVOyw5gCXRWN4K%2Fw0VrwFl6ZYBNkbqBi9OaM95t3FAnJ1ATBWB0F9H3ipNV7MHe2lfEFl2lN2iTk"}],"group":"cf-nel","max_age":604800} content-type image/png x-cod-region-code HE cache-control public, max-age=2678400 accept-ranges bytes cf-ray 8a96defa3dbf18f1-FRA
GET H3	200	Futura-Bold.ttf hersheycontest.avatarclient.net/assets/fonts/futura/	22 KB 13 KB	572ms 571ms	Font font/ttf	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/assets/fonts/futura/Futura-Bold.ttf Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/css/app.9e3b04e2.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a173df0095450abe8066d3bb0e69d038966cec9c848733e566246f9b81accb12 Request headers Referer https://hersheycontest.avatarclient.net/css/app.9e3b04e2.css Origin https://hersheycontest.avatarclient.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:07 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Nov 2023 19:07:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-cod-region Hesse vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUP36WXRPzEVCVcmF0VxRLC6EJJ2j6xdBZlK86vkiyrER9FzKwPBpJJmb%2Blti87mqvzfKrboieK2N59OlyELUaHDq78YSJ1T4SQnFb39SMhZCSOea51numvFDgBJ18N38rHI4kuJoYZP0a2JbS%2B47Mp9I8F8UIQ8PbjLrppg"}],"group":"cf-nel","max_age":604800} content-type font/ttf x-cod-region-code HE cache-control max-age=2678400 cf-ray 8a96defa5dfa18f1-FRA alt-svc h3=":443"; ma=86400 x-cod-country DE
GET BLOB	200 OK	9934a9fd-2627-44d0-8e13-e1d95e9d0075 https://hersheycontest.avatarclient.net/	7 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://hersheycontest.avatarclient.net/9934a9fd-2627-44d0-8e13-e1d95e9d0075 Requested by Host: hersheycontest.avatarclient.net URL: https://hersheycontest.avatarclient.net/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9fd19880e170d0d9c7f1ebac39fcfea445ff8720e14fd17b3bbd115186bdc2ef Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 7668 Content-Type
GET H3	200	favicon.ico hersheycontest.avatarclient.net/	15 KB 10 KB	447ms 447ms	Other image/x-icon	2606:4700:3032::6815:4b97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hersheycontest.avatarclient.net/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:4b97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d7b1a99a71e259ccc63b545eed048475d5c784316b521540713dc75b317b853 Request headers Referer https://hersheycontest.avatarclient.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 19:42:07 GMT content-encoding br cf-cache-status MISS last-modified Thu, 09 Nov 2023 19:04:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-cod-region Hesse vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXSOL7VIGt8TEVpG%2FrQohL1NpbkKeinziZBCYyjyjbhHm6364fMVY%2FQxB486iqcuRsK8fB8d%2B4u1LV2KNb4pNydEumUvRQdi8dsRJvuFBJSqTBEJ3Fe3Ci6rkweF57PdRggeVe%2Bk%2FfeKVu5wfMm13QDt6OBc4Tm9A5vLN8Ey"}],"group":"cf-nel","max_age":604800} content-type image/x-icon x-cod-region-code HE cache-control public, max-age=2678400 cf-ray 8a96df00af0418f1-FRA alt-svc h3=":443"; ma=86400 x-cod-country DE

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| vueRecaptchaApiLoaded object| $cookies

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.avatarclient.net/	1970-01-21 07:56:22	Name: _ga Value: GA1.2.102500056.1722022926
			.avatarclient.net/	1970-01-20 22:21:49	Name: _gid Value: GA1.2.1335012572.1722022926
			.avatarclient.net/	1970-01-20 22:20:22	Name: _gat_gtag_UA_145010765_4 Value: 1
			hersheycontest.avatarclient.net/	1970-01-20 22:20:31	Name: hershey Value: %7B%22id%22%3A%22hershey%22%2C%22session%22%3A%2225j_7Sl6xDq2Kc3ym0fmrSSk2xV2XkUkX%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hersheycontest.avatarclient.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:3032::6815:4b97
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
28852263536f906448dae5509cb57297da5f43929ca6502d5a287f0f99e52379
29d8754a3281399176da1d16a0defb03899de0220673368eeea81582395cd3fc
2f2f4f98431a6edd4b4e999a8c5b4f5c20abd219a08c2313ce557d568fc41ab7
3d7b1a99a71e259ccc63b545eed048475d5c784316b521540713dc75b317b853
5b25369ccf609873b893fbad042c47c28d148e7db833f95dc351f64074d82981
608036b7b63915f5248f6d091b2dee04221549a4f4b468e3bad05e85b2b17b3d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9fd19880e170d0d9c7f1ebac39fcfea445ff8720e14fd17b3bbd115186bdc2ef
a173df0095450abe8066d3bb0e69d038966cec9c848733e566246f9b81accb12
a53dbc270573486fa53ea0c276555621180b2b08d65dae8641c3002ff809ba8a
bcbc2fe08390e6a346675f2027a1c6daef14ccaa7246aaa7fd3a17438bee35c7
d4ea98a3fcb4e6f2469ea56c3dd8300b063dfa0634f3bdee8eb562413aa1aa5a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f45082be32b27dd3f4beb41967217b84e08e7abbef9c770d15533ac22a1d5eec
f7f98c929613cda73e0ad246eabc33732cfab040f58d6478c7f62931e245d481