im-a-puzzle.com Open in urlscan Pro
75.119.203.147 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://im-a-puzzle.com/
Submission: On December 11 via manual (December 11th 2020, 7:57:20 pm UTC) from US

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 75.119.203.147, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is im-a-puzzle.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 17th 2020. Valid for: 3 months.

This is the only time im-a-puzzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	75.119.203.147 75.119.203.147	26347 (DREAMHOST-AS) (DREAMHOST-AS)
16	2606:4700:303... 2606:4700:3031::681c:1ca8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	104.84.56.24 104.84.56.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4003:c11::78	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
58	16

7 75.119.203.147 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-twiddle.caldera.dreamhost.com

im-a-puzzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3031::681c:1ca8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.im-a-puzzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.56.24 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4003:c11::78 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	im-a-puzzle.com im-a-puzzle.com static.im-a-puzzle.com	574 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	220 KB
8	googleusercontent.com lh4.googleusercontent.com lh3.googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com	16 KB
4	doubleclick.net googleads.g.doubleclick.net
3	gstatic.com fonts.gstatic.com csi.gstatic.com	16 KB
2	fbsbx.com platform-lookaside.fbsbx.com	4 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	247 B
1	googleadservices.com partner.googleadservices.com	643 B
1	media.net contextual.media.net	134 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	76 KB
1	wikimedia.org upload.wikimedia.org	788 B
58	14

	Domain	Requested by
16	static.im-a-puzzle.com	im-a-puzzle.com static.im-a-puzzle.com
7	pagead2.googlesyndication.com	static.im-a-puzzle.com pagead2.googlesyndication.com
7	im-a-puzzle.com	static.im-a-puzzle.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	lh3.googleusercontent.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	csi.gstatic.com	pagead2.googlesyndication.com
2	lh6.googleusercontent.com
2	platform-lookaside.fbsbx.com
2	www.google-analytics.com	im-a-puzzle.com www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	contextual.media.net	static.im-a-puzzle.com
1	lh5.googleusercontent.com
1	lh4.googleusercontent.com
1	fonts.gstatic.com	im-a-puzzle.com
1	maxcdn.bootstrapcdn.com	im-a-puzzle.com
1	upload.wikimedia.org
58	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.instagram.com
chrome.google.com

Subject Issuer	Validity	Valid
www.im-a-puzzle.com Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2020-11-09` - `2021-11-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://im-a-puzzle.com/
Frame ID: 52CBE6BFD4E4713FBAAB8244C5804CAF
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 7EC3C82F7292C92C9F8DC9498226D9ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&h=600&slotname=1306733965&adk=1834492738&adf=1939845034&pi=t.ma~as.1306733965&w=300&lmt=1607120810&psa=0&format=300x600&url=https%3A%2F%2Fim-a-puzzle.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626146&bpp=5&bdt=1718&idt=119&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6255919150514&rume=1&frm=20&pv=2&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfeE%7C&abl=NF&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AqAzLzOIhR&p=https%3A//im-a-puzzle.com&dtd=140
Frame ID: 1AB9B951060C5199C6131915C3EBA5A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&adk=1812271804&adf=3025194257&lmt=1607120810&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fim-a-puzzle.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626153&bpp=4&bdt=1726&idt=143&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6255919150514&rume=1&frm=20&pv=1&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Frame ID: 3910F3C9E222C86E4F4CF0B3797BA56E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 09B6423AE9796EAA12A7F36FA3E3764B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: 0529F08F0F63F46B82B6EDF646D69845
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

58
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

20
Subdomains

16
IPs

4
Countries

1087 kB
Transfer

3697 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/imapuzzlegame/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/imapuzzlegame/
Title: .st0{fill:#1DA1F2;} .st1{fill:#FFFFFF;} Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/im_a_puzzle_game/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/im-a-puzzle/pkfmdnacebbdabkgmadehplhjpciadma

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
im-a-puzzle.com/ 28 KB
9 KB 792ms
190ms Document
text/html 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 2c4c1a7e4ef2d064ecfb479b03f5b2c2ae477cf9660e0c803cbba240c2116575

Request headers

:method: GET
:authority: im-a-puzzle.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:04 GMT
server: Apache
last-modified: Fri, 04 Dec 2020 22:26:50 GMT
accept-ranges: bytes
cache-control: max-age=86400, public, must-revalidate
expires: Fri, 11 Dec 2020 19:57:04 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9482
content-type: text/html

GET
H2 200 im-a-puzzle-snowman-240.jpg
static.im-a-puzzle.com/images/touch/ 14 KB
15 KB 187ms
30ms Image
image/jpeg 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/images/touch/im-a-puzzle-snowman-240.jpg
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c877fb464027042b39116848b72279d9f772ff796f8f7af6ba1174bbf072904

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:04 GMT
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 997792
content-length: 14032
cf-request-id: 06f4f9f0db0000c295b19b4000000001
last-modified: Sun, 29 Nov 2020 21:20:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2BkTGLxThDAxqF1rM9P4ihtlPOHfKKUeCwittyj0hO%2Fh6ogZJQe4RUbSMM9xK3RkGJUDThlRpH9iZ2U9ZrjAXZ9Lov2O%2BaA2PM7aZtrD1SWeXmBKVpadpIhibqLlVMXVhXxR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 29 Dec 2020 21:31:09 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6001c5c7ca25c295-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
cf-bgj: csam-hash

GET
H2 200 vendor-bundle-5f890c517d.js Show response
static.im-a-puzzle.com/scripts/ 697 KB
165 KB 85ms
67ms Script
application/javascript 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebc48723ec8372c53704e40b07df23151761d0c44f39dbaa6938cdfcf8167e18

Request headers

Origin: https://im-a-puzzle.com
Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 594959
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-request-id: 06f4f9f0ec0000d6e93dadb000000001
last-modified: Fri, 04 Dec 2020 22:26:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M3K4ZWel9p0cgw42NN548u1Q0vX%2B3cBYvgkv8jMlCCYu6aweF6bcEDh15kaySdldMQjfMEttvjKx5RdmeGM9PPvEeMOkubceMRqhcW04StxVuuh5wHcJ1JA0geVgoa14q0b2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 6001c5c7dd6dd6e9-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
expires: Sat, 04 Dec 2021 22:26:52 GMT

GET
H2 200 ChromeWebStore_Badge_v2_206x58.png
static.im-a-puzzle.com/images/ 5 KB
5 KB 23ms
22ms Image
image/png 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/images/ChromeWebStore_Badge_v2_206x58.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340d8b3ee536394e8691e4c0eeb9917e38236041a5045258c8bd07362ea5efbb

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:04 GMT
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 649544
content-length: 4612
cf-request-id: 06f4f9f15d0000c295d53f1000000001
last-modified: Fri, 04 Aug 2017 20:44:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KG6DB079MrmCiFXkYcRj18vmU3SWCb1egenRASmbsZrcEHhxtuYdMjWkVJmgxNSYjc9vlGfB%2BVH%2BYtCVbyG1PeoBM%2FtppIMbjrQThaFViciZC%2FtsQKjH8rFSvnFEkOyG05hW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
expires: Thu, 24 Dec 2020 20:14:05 GMT
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 6001c5c88bbac295-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
cf-bgj: csam-hash

GET
H2 200 app-bundle-5c0bb027ba.js Show response
static.im-a-puzzle.com/scripts/ 1008 KB
256 KB 44ms
44ms Script
application/javascript 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb13ddb71a17a285bdec304e9e24cd7952ec49fe0f58e4ce51841552d378bccb

Request headers

Origin: https://im-a-puzzle.com
Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 594958
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-request-id: 06f4f9f17c0000d6e93dae6000000001
last-modified: Fri, 04 Dec 2020 22:26:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d%2Fx2KNIAROrIOnp0p%2FK1g89PAajdkNzKeCKPo7BDTz7LAaJ7jFZb7ZMoJ5TWTv6%2BwDAOUVL2X8WqZBLPmtYFnd1cTbGiePSFAOFGqemo3sbkuziQZheAVHydS9G8kXNqyi2Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 6001c5c8cfa1d6e9-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
expires: Sat, 04 Dec 2021 22:26:53 GMT

GET
H2 200 gallery.json Show response
static.im-a-puzzle.com/gallery/ 277 KB
26 KB 187ms
187ms XHR
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/gallery/gallery.json
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e95c2eec799c14813b2503fb2648007e0b805af294a15d25fe53fdbb7ea59a8

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET,PUT,POST,OPTIONS
cf-request-id: 06f4f9f5420000d6e946944000000001
pragma: no-cache
last-modified: Fri, 04 Dec 2020 11:22:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fCPJYCoycLaKoINiwoBwqML38by65e4L%2FOGtHvXCIv41FHzsxgFtG3IQYAr9oigmFcB%2BbE3G4uMnTA%2BfP8VmZkeIlqY9%2F%2FN7k2mGO7KAWkwo79lS7bcEyg8SxQ%2Fs9B5wQznF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 6001c5cedd50d6e9-FRA
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since

OPTIONS
H2 200 gallery.json
static.im-a-puzzle.com/gallery/ Frame 0
0 923ms
923ms Other
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/gallery/gallery.json
Protocol: H2
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://im-a-puzzle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-type: application/json
content-length: 0
allow: OPTIONS,HEAD,GET,POST
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since
cache-control: public, max-age=86400, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 06f4f9f1a60000d6e92e9e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z2%2BsTMrx8j6PYuEndtnBizOdzYy5swLn9a5fbDCYPiMyX8MGf9wPPe8MdY0Sp8NbBBRgc6TKRCQbDvWAiKaVsPb2v8OWKkmn41ajBY%2BQ6TDt4aXabFj162wBSdl%2F8KxrzUW1"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6001c5c9085dd6e9-FRA

GET
H2 200 config.json Show response
im-a-puzzle.com/config/ 50 KB
3 KB 189ms
189ms XHR
application/json 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/config/config.json
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 7b10f29927b4499842d6b286e2a37856751f65fb1c80bc8c81a4077257ec1502

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 21:47:04 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 3491
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 389
date: Fri, 11 Dec 2020 19:50:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 11 Dec 2020 21:50:36 GMT

GET
H2 200 1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 95 B
788 B 42ms
14ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 11:47:29 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 29376
x-cache-status: hit-front
x-cache: cp3055 hit, cp3063 hit/83297
server-timing: cache;desc="hit-front"
content-length: 95
x-client-ip: 2a01:4f8:121:131a::2
x-object-meta-sha1base36: 1q4na1xj6topzln51tpzqqxtdtdwo9p
last-modified: Sat, 04 Apr 2020 08:42:56 GMT
server: ATS/8.0.8
etag: 71a50dbba44c78128b221b7df7bb51f1
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1585989775.24843
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

OPTIONS
H2 200 consent-needed.php
static.im-a-puzzle.com/service/ Frame 0
0 326ms
326ms Other
text/html 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/service/consent-needed.php
Protocol: H2
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://im-a-puzzle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://im-a-puzzle.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
vary: User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 06f4f9f3430000d6e903b11000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QBLfnQ8pM0ROFRDLEPl9cH3os%2BeOSsuxMxzIavQ1%2FzohdYI2sh584UUxNaFtIKD%2BhaGkFTOC902A3mrCOcdjJErhfOuTbzUMPuL6IS4hpzaEcrzbroaoAY1L50QqiKTR%2BYEZ"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6001c5cb9e66d6e9-FRA
content-encoding: br

GET
H2 200 consent-needed.php Show response
static.im-a-puzzle.com/service/ 28 B
333 B 319ms
318ms XHR
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/service/consent-needed.php
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142284923e1754049e23cb9c9f0467ac7fee64c79f9f37ff2fb965d8ea619bda

Request headers

Accept: application/json
Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1i%2BCEcd8SM%2BRqJhCzNtFnjzqFx6OE1KSqIEEYmHRnOTgKgtBowaffvPVPhvn80JPM6o7octcm1HGhACcCZFXr%2FaFrVJvzcF%2BVCg19vRCViwWq2VBa%2F8ItIlMnXD7QWc0121l"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://im-a-puzzle.com
access-control-allow-credentials: true
cf-ray: 6001c5cdaaf1d6e9-FRA
cf-request-id: 06f4f9f4890000d6e9d531d000000001

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Origin: https://im-a-puzzle.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

OPTIONS
H2 200 gallery.json
static.im-a-puzzle.com/gallery/ Frame 0
0 221ms
221ms Other
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/gallery/gallery.json
Protocol: H2
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://im-a-puzzle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-type: application/json
content-length: 0
allow: OPTIONS,HEAD,GET,POST
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since
cache-control: public, max-age=86400, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 06f4f9f4b10000d6e9fbba0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NFci1F3GQrG6lv8scuoXcumbhOvuggnTZ8pN5AWj26u3wi%2B%2BpQ6fi4ymwew%2FkIpRa4V8U0%2B0Ewy9s1ntnXKenHAIOlk2uJV22g3WC%2BGGrgja7kXrCtqKHKuI2IQ%2BaAGUGB6m"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6001c5cdeb81d6e9-FRA

GET
H2 200 im-a-puzzle-snowman-60.png
static.im-a-puzzle.com/images/touch/ 6 KB
6 KB 33ms
33ms Image
image/png 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/images/touch/im-a-puzzle-snowman-60.png
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99839a6ba8d4f80b34ccb148c76125c9504c143307486a040be2a58330679031

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1031399
content-length: 5887
cf-request-id: 06f4f9f47d0000c295fabd6000000001
last-modified: Sun, 29 Nov 2020 21:20:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2B0qxf0eR41nIHpkECtXOQuqw2sQ0NfnZfj4x4HPOg7x1lXKI5kjfW%2BL8sDuij9EhDj7UrpM%2B9iFIMBCa0cL%2FDVVCdPsHbBLVpp7IYzYxDPLfB2Yz8KvQI%2Fzt5hn3EIXXR%2B9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
expires: Tue, 29 Dec 2020 21:27:06 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6001c5cd982fc295-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
cf-bgj: csam-hash

GET
H2 200 im-a-puzzle-snowman-40.png
static.im-a-puzzle.com/images/touch/ 4 KB
4 KB 16ms
16ms Image
image/png 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/images/touch/im-a-puzzle-snowman-40.png
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04dc4bda1509b3870849dc56ed5868a718afc23aa797427ff40bbf6cd7140e9e

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 149232
content-length: 3879
cf-request-id: 06f4f9f4810000c295d0a8d000000001
last-modified: Sun, 29 Nov 2020 14:10:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6stiEiIgoeUjWaTOCsEO6bAC8gnfqq3aj%2Bn30PqT9qDQtUASAXtba7gDNfxrBK%2BiFL0q8QyvVdSYJQRtc%2FYg%2BHPP%2B3ANyfNVN6pGC4C1WQ8mVV3%2BKHIHteDadjboD7AKElz7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
expires: Tue, 29 Dec 2020 14:14:18 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6001c5cd983ec295-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
cf-bgj: csam-hash

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://im-a-puzzle.com
Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://im-a-puzzle.com
Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 04:00:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:11 GMT
server: sffe
age: 402975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
expires: Tue, 07 Dec 2021 04:00:50 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=496357044&t=pageview&_s=1&dl=https%3A%2F%2Fim-a-puzzle.com%2F&ul=en-us&de=UTF-8&dt=I%27m%20a%20Puzzle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=729336246&gjid=1916172432&cid=958177784.1607716625&tid=UA-102222136-1&_gid=2124277856.1607716625&_r=1&_slc=1&z=1870460375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://im-a-puzzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gallery.json Show response
static.im-a-puzzle.com/gallery/ 277 KB
26 KB 203ms
203ms XHR
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/gallery/gallery.json
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e95c2eec799c14813b2503fb2648007e0b805af294a15d25fe53fdbb7ea59a8

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET,PUT,POST,OPTIONS
cf-request-id: 06f4f9f58d0000d6e929bc7000000001
pragma: no-cache
last-modified: Fri, 04 Dec 2020 11:22:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=khy8IXV18%2BaHowdT2I1CIr1gTjqRxVC%2FMcmSdyFD0UPqD5v%2B51HUVGrkgpK1YKHl00f8Sych7k5zHiYYxr2KfH%2F40AgpP5vIo8vUYHTIrvLxedHo1LdTAxzQ2rNFT0Vp6rYC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 6001c5cf4e87d6e9-FRA
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since

GET
H2 200 getWeeklyLeaderboard Show response
im-a-puzzle.com/service/ 4 KB
2 KB 333ms
332ms XHR
application/json 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/service/getWeeklyLeaderboard?
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 3bf27a40d1a673e1ca7129e6e559a65eb6abbc9a72da04bf2fec791d44aea059

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 1884
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 stats Show response
im-a-puzzle.com/service/ 16 B
68 B 707ms
706ms XHR
application/json 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/service/stats?c=a1e5a3e73fc83938761b479f645bad7a&t=I%27m%20a%20Puzzle&l=en-US&u=https%3A%2F%2Fim-a-puzzle.com%2F&r=&s=f5b5c24c-98c2-f1cf-0dbb-1b9b807314d9
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 36
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ChromeWebStore_Badge_v2_206x58.png
im-a-puzzle.com/images/ 5 KB
5 KB 198ms
197ms Image
image/png 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im-a-puzzle.com/images/ChromeWebStore_Badge_v2_206x58.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 340d8b3ee536394e8691e4c0eeb9917e38236041a5045258c8bd07362ea5efbb

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
last-modified: Fri, 04 Aug 2017 20:44:17 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
content-length: 4612
expires: Sun, 10 Jan 2021 19:57:05 GMT

GET
H2 200 getStats.json Show response
static.im-a-puzzle.com/service/cache/ 63 KB
16 KB 256ms
256ms XHR
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/service/cache/getStats.json
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddbacb8382fa9ecb41521e2912d08b9713c7ad0d94dd9be032bc5cf3987c1c

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
cf-request-id: 06f4f9f5a30000d6e9e29fd000000001
pragma: no-cache
last-modified: Fri, 11 Dec 2020 19:50:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f89SuxbXc1hoKQIZtfrYpwUuGs8PGmgKY%2FSIrly1MnzSq9G4KQmH2lBhg%2BkZbqgX0aEm3QJQg%2F1Q3U9heGnZ56%2F5Z3WoOfAxAZvIjQdyNrI8jzXdzafXUkB8xrS%2FZyBrMncT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 6001c5cf6edcd6e9-FRA
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, X-Authorization
expires: Wed, 11 Jan 1984 05:00:00 GMT

OPTIONS
H2 200 getStats.json
static.im-a-puzzle.com/service/cache/ Frame 0
0 227ms
226ms Other
application/json 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.im-a-puzzle.com/service/cache/getStats.json
Protocol: H2
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://im-a-puzzle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Dec 2020 19:57:05 GMT
content-type: application/json
content-length: 0
allow: OPTIONS,HEAD,GET,POST
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, X-Authorization
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cf-cache-status: DYNAMIC
cf-request-id: 06f4f9f4c00000d6e929bb3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XxfJoEcMRTC84Ea%2BmmM9Q4bzWFZ6t8YdYxRFyBV%2BD1RtdZec2gVXkqsD1jBmzTb01jjn8NV1RiMYAwYPw4UFuKmP74CDkfCGwQg6u6q7R24VKkMJMXoJr%2FUB2%2BFqt4XiVbQk"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6001c5ce0bc2d6e9-FRA

GET
H2 200 getForMe Show response
im-a-puzzle.com/service/ 325 B
266 B 213ms
212ms XHR
application/json 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/service/getForMe?c=a1e5a3e73fc83938761b479f645bad7a
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 4127ae6067d035231caa36abb4a1771dae9444f8288d71a8040fbd35535a59a6

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 233
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 getMySharedPuzzles Show response
im-a-puzzle.com/service/ 2 B
54 B 1217ms
1216ms XHR
application/json 75.119.203.147
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://im-a-puzzle.com/service/getMySharedPuzzles?i=3&c=a1e5a3e73fc83938761b479f645bad7a&u=0
Requested by: Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/vendor-bundle-5f890c517d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.203.147 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-twiddle.caldera.dreamhost.com
Software: Apache /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:05 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 22
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 photo.jpg
lh4.googleusercontent.com/-6ToXPTthTAw/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuclIN5WZ7n8rleY6AyLQqoS0YIkWjQ/s96-c/ 1 KB
2 KB 33ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/-6ToXPTthTAw/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuclIN5WZ7n8rleY6AyLQqoS0YIkWjQ/s96-c/photo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

88738fdc70a854238c2f20c8d77d4a7d7b73c61942da13e34a4e1461765408f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:41:45 GMT
x-content-type-options: nosniff
server: fife
age: 8120
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1323
x-xss-protection: 0
expires: Sat, 12 Dec 2020 17:41:45 GMT

GET
H2 200 AOh14Gj1vhDxokTD60MH4B9QnpacZXqQ9BD7bHfy7_NJ5Q=s96-c
lh3.googleusercontent.com/a-/ 3 KB
3 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gj1vhDxokTD60MH4B9QnpacZXqQ9BD7bHfy7_NJ5Q=s96-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9948ec3d8dbedd1624530756b1bcacd526ee950215ace87960b8897ab0f070f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:47:36 GMT
x-content-type-options: nosniff
age: 7769
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3203
x-xss-protection: 0
server: fife
etag: "v13e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Dec 2020 13:46:18 GMT

GET
H2 200 photo.jpg
lh5.googleusercontent.com/-9VpPQhNm_JE/AAAAAAAAAAI/AAAAAAAAAAA/Wz7T1VwffuE/s96-c/ 567 B
948 B 34ms
8ms Image
image/png 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/-9VpPQhNm_JE/AAAAAAAAAAI/AAAAAAAAAAA/Wz7T1VwffuE/s96-c/photo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11df7b8d04112f9d4513efbc8ca43524c3acf99158519da7055a8ff5fe8f5309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:41:46 GMT
x-content-type-options: nosniff
server: fife
age: 8119
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 567
x-xss-protection: 0
expires: Sat, 12 Dec 2020 17:41:46 GMT

GET
H2 200 AOh14GjaMDNd4dZYpiMdQ2opKQyHkGCy0KJr47j1w3d6DA=s96-c
lh3.googleusercontent.com/a-/ 3 KB
4 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjaMDNd4dZYpiMdQ2opKQyHkGCy0KJr47j1w3d6DA=s96-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ebc88d44f7923fb3a6c48bdca08f745859a6f42a80818dc3e5e499873d56d5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:47:36 GMT
x-content-type-options: nosniff
age: 7769
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3513
x-xss-protection: 0
server: fife
etag: "v505"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Dec 2020 13:46:18 GMT

GET
H2 200 /
platform-lookaside.fbsbx.com/platform/profilepic/ 2 KB
2 KB 51ms
46ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=328022694832997&height=50&width=50&ext=1610291150&hash=AeQsxneEQIolxYE4MlM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 61e4a121ccd033b21626b7716cdb21f7f97cabcbffdd36fed8aaa6f7b48b6059

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 981371763
date: Fri, 11 Dec 2020 19:57:05 GMT
last-modified: Thu, 22 Nov 2018 08:41:50 GMT
x-needle-checksum: 922962648
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
x-content-id: 141865506782051
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 971
content-length: 1730

GET
H2 200 photo.jpg
lh3.googleusercontent.com/-FqT39sLzdQ4/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucnfTviAjtxeHAXbWlHMGdZirwmNmQ/s96-c/ 1 KB
1 KB 35ms
10ms Image
image/png 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-FqT39sLzdQ4/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucnfTviAjtxeHAXbWlHMGdZirwmNmQ/s96-c/photo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5357a6c9dc5b5b150f01192313e41552958d17c72b21cefe0d70296b04bb5a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:41:46 GMT
x-content-type-options: nosniff
server: fife
age: 8119
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Sat, 12 Dec 2020 17:41:46 GMT

GET
H2 200 AOh14GhrtLjyL0Y0RyARhsojPE51XOROQ80O1ZJNv3Ro=s96-c
lh3.googleusercontent.com/a-/ 3 KB
3 KB 34ms
10ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhrtLjyL0Y0RyARhsojPE51XOROQ80O1ZJNv3Ro=s96-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e584542aa98302ef6383abeeef61e9aafc12d97c05862f04edc6dbd411d6ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:47:36 GMT
x-content-type-options: nosniff
age: 7769
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3165
x-xss-protection: 0
server: fife
etag: "v49"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Dec 2020 13:46:18 GMT

GET
H2 200 /
platform-lookaside.fbsbx.com/platform/profilepic/ 2 KB
2 KB 33ms
30ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10221599367311493&height=50&width=50&ext=1610172099&hash=AeT2qPc79oHAQuRO_Rw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7ff30ef94adb01315eeb11697457f2621e6dc319a1a074b6afce4a3492abccec

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 3214656588
date: Fri, 11 Dec 2020 19:57:05 GMT
last-modified: Mon, 07 Aug 2017 20:06:39 GMT
x-needle-checksum: 4291763118
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
x-content-id: 10214225489849165
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 971
content-length: 1728

GET
H2 200 photo.jpg
lh6.googleusercontent.com/-APIwNooq5PI/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucnrRPex47TJjm-TG0jEmUfrFFjozg/s96-c/ 1 KB
2 KB 32ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-APIwNooq5PI/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucnrRPex47TJjm-TG0jEmUfrFFjozg/s96-c/photo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a7d3408fd9ad835ed429620150cb4e3cb5abb990934eca56a563be127979bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:47:36 GMT
x-content-type-options: nosniff
server: fife
age: 7769
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Sat, 12 Dec 2020 17:47:36 GMT

GET
H2 200 photo.jpg
lh6.googleusercontent.com/--usTnNKbZcA/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucmkWM9_TvZGVdXPd6hGrIlwyMdeAQ/s96-c/ 405 B
467 B 32ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/--usTnNKbZcA/AAAAAAAAAAI/AAAAAAAAAAA/AMZuucmkWM9_TvZGVdXPd6hGrIlwyMdeAQ/s96-c/photo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed1d6e23a075cb854e36f0f3625410c9d76a6b41aabcebc1764d5ae88959f018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 17:47:36 GMT
x-content-type-options: nosniff
server: fife
age: 7769
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405
x-xss-protection: 0
expires: Sat, 12 Dec 2020 17:47:36 GMT

GET
H2 200 French-breakfast_240x.jpg
static.im-a-puzzle.com/gallery/Miscellaneous/Food/ 16 KB
17 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/gallery/Miscellaneous/Food/French-breakfast_240x.jpg
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45952ccfdec576ae4aa00912fd15cd450579d61264f7477c1c96e76452d89922

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
access-control-allow-methods: GET,PUT,POST,OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 83371
content-length: 16529
cf-request-id: 06f4f9f6880000c2958b026000000001
last-modified: Mon, 30 Nov 2020 17:22:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DnAQWq7Kh5XMBsS8x31sxYlcSgwFOdcRm09WC%2BaRdr2zxqqHRwb2VUzGhu5wa4DffLfhTi76sgo8YonqtPVp1k6T6ef6PVlar8FtN6foyTfbYbn4VKxBH%2BmtZyONTMOIRmvY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 09 Jan 2021 06:47:49 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6001c5d0de77c295-FRA
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since
cf-bgj: csam-hash

GET
H2 200 A_hearthy_watermelon_240x.jpg
static.im-a-puzzle.com/gallery/Miscellaneous/Food/ 18 KB
18 KB 19ms
19ms Image
image/jpeg 2606:4700:3031::681c:1ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.im-a-puzzle.com/gallery/Miscellaneous/Food/A_hearthy_watermelon_240x.jpg
Requested by: Host: im-a-puzzle.com
URL: https://im-a-puzzle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7ef1864f0cf06f131a5e8a32ccc52cff4cca7b25779e78431899583e689288

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
access-control-allow-methods: GET,PUT,POST,OPTIONS
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1076972
content-length: 18224
cf-request-id: 06f4f9f6880000c295b1305000000001
last-modified: Mon, 03 Aug 2020 18:59:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IKYZzTfcOSrQtEzrWo05MgQwcBM%2BhP77O%2FW3alvrjD1Pshh3Ze3Fu73%2FJTAo%2BFEWQnZPb2N3PgyEnswmXh8MweEbssEZqUJtxho3I4ja6o7aE5mEumqVLYMMXJOXIgNpQSYG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 29 Nov 2020 11:39:31 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6001c5d0de7ac295-FRA
access-control-allow-headers: Origin, Accept, Content-Type, Authorization, If-Modified-Since
cf-bgj: csam-hash

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c300b2811698bc68ed2928ff2686ed40e21753f1d308956268f567ab2149e576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47065
x-xss-protection: 0
server: cafe
etag: 860246916715892492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Dec 2020 19:57:06 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 414 KB
134 KB 87ms
51ms Script
text/javascript 104.84.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUP6IK6H

Requested by

Host: static.im-a-puzzle.com
URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.24 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d4d88dadbd9fd7824622358fa34ac5718d3a750b6d29b2c80a8f1bba4f317d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 10-8
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "3ec8a27f0e7419bb9170bcb9dbadb840"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Fri, 11 Dec 2020 19:57:06 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-9
expires: Fri, 11 Dec 2020 20:02:06 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 61ms
46ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Dec 2020 19:57:06 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 7EC3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://im-a-puzzle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://im-a-puzzle.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 11 Dec 2020 09:58:13 GMT
expires: Fri, 25 Dec 2020 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 35933
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 49 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5fc863c843ee0f76c21528a7268e27e2e64b6f376914fb2b204c7404893412f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 13:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19702
x-xss-protection: 0
server: cafe
etag: 1588966909384457121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Dec 2020 13:57:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
643 B 55ms
23ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=im-a-puzzle.com&callback=_gfp_s_&client=ca-pub-4416407714547074

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

dc6efa349d0344d81997ef3f4c1b2eeed5119e5dba3e555edb73a1f5b4b1b8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
247 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=im-a-puzzle.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=im-a-puzzle.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1AB9 0
0 314ms
312ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&h=600&slotname=1306733965&adk=1834492738&adf=1939845034&pi=t.ma~as.1306733965&w=300&lmt=1607120810&psa=0&format=300x600&url=https%3A%2F%2Fim-a-puzzle.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626146&bpp=5&bdt=1718&idt=119&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6255919150514&rume=1&frm=20&pv=2&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfeE%7C&abl=NF&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AqAzLzOIhR&p=https%3A//im-a-puzzle.com&dtd=140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&h=600&slotname=1306733965&adk=1834492738&adf=1939845034&pi=t.ma~as.1306733965&w=300&lmt=1607120810&psa=0&format=300x600&url=https%3A%2F%2Fim-a-puzzle.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626146&bpp=5&bdt=1718&idt=119&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6255919150514&rume=1&frm=20&pv=2&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfeE%7C&abl=NF&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AqAzLzOIhR&p=https%3A//im-a-puzzle.com&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://im-a-puzzle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://im-a-puzzle.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Dec 2020 19:57:06 GMT
server: cafe
content-length: 22740
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Dec-2020 20:12:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Dec 2020 19:57:06 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 58ms
43ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c551b1a6ecae0820d5cfa95ecb81b4a2de9f81e4afcf9305551f7051e54a4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6574
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232aefdba529e089a651b9ae0a1f9e9abcd5b62e629bd1031a9f491742bcb4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607561515382827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:57:06 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fim-a-puzzle.com%2F&tn=DIV&id=main-menu-overlay&cls=au-target%20overlay%20main-menu%20main-menu-mode-2%20lng-en&ign=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3910 0
0 306ms
306ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&adk=1812271804&adf=3025194257&lmt=1607120810&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fim-a-puzzle.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626153&bpp=4&bdt=1726&idt=143&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6255919150514&rume=1&frm=20&pv=1&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4416407714547074&output=html&adk=1812271804&adf=3025194257&lmt=1607120810&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fim-a-puzzle.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607716626153&bpp=4&bdt=1726&idt=143&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=6255919150514&rume=1&frm=20&pv=1&ga_vid=958177784.1607716625&ga_sid=1607716626&ga_hid=496357044&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21066613%2C21066614&oid=3&pvsid=514321722326525&pem=534&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://im-a-puzzle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://im-a-puzzle.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Dec 2020 19:57:06 GMT
server: cafe
content-length: 39392
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Dec-2020 20:12:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Dec 2020 19:57:06 GMT
cache-control: private

POST
H2 204 csi
csi.gstatic.com/ 0
331 B 367ms
134ms Other
image/gif 2607:f8b0:4003:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kikoyw7a&c=514321722326525&e=21068083%2C21066613%2C21066614&ctx=1&met.3=326.219_2~161.21b~639.21x~160.21x~326.220~161.221~639.228~160.228~189.228~189.22a~113.22f_1~112.22e_2&met.1=1.kikoyu4w~6.0~7.1~8.5l~9.5l~10.gq~11.5u~12.gq~13.m0~14.qt~15.m4~16.u1~17.u1~18.u1~19.u1~20.u1~21.u2~22.na~23.na
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c11::78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 366ms
134ms Other
image/gif 2607:f8b0:4003:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kikoyw7c&c=514321722326525&e=21068083%2C21066613%2C21066614&ctx=1&met.1=1.kikoyu4w~6.0~7.1~8.5l~9.5l~10.gq~11.5u~12.gq~13.m0~14.qt~15.m4~16.u1~17.u1~18.u1~19.u1~20.u1~21.u2~22.na~23.na&met.3=113.22g~112.22g
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c11::78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:57:06 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 09B6 0
0 33ms
20ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://im-a-puzzle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://im-a-puzzle.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 11 Dec 2020 19:18:12 GMT
expires: Sat, 11 Dec 2021 19:18:12 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2334
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=514321722326525&bg=!bG-lb0_NAAUbEDgJG1gXLVa_HlWGWwIAAABgUgAAAAdoAQcKASQxtS0AdYCNGgmqEpipK3ZXIAD2x3cRorM_xgVF85jullGsf2Ju43ISr1l658_oMx0Z7LEjYz5GZPiAVNGTPvrMErviV8wRbzw1874Y-DPVk-C0wXLqiIgkGkH3C-tCqyK72JycTc5jovn5Nxpg6gmFnKFQxQBGLe9O2uiIvN_IkabaNMb0ZBNC7yqIP7j6hdgmWiMNZYOeWYQm90-7mpucHAwCP-goZngxJjub-YYIPy-sTPnjVMTheximgwmncd41VkdOdm7plhk2_W7kVVX4oV166aKn9_SGOhFPWBlLCYuGvHgtXuxftdAXjaeEAOlKcbO8OxtqoLjWt-NF08lvt3ZC2oS6aL2MA7dCTR8Xrx-aMf2dq9qtadzUHaScXEJwr6AcmQHI0p3zhlphmrtK2_8Rx_DElIvkUew4DRkiTkp3DpEW568XL3TGl_DMfTcBzzTRa3Cttyvk_zTMA0BcOlMepcomJCZYw99LkovfgpO6QjbQ1OZRMU3EXE6QLSXbtvIJ-9LAr5HI2n2iTxKLdvH1QbqaL4nYZfW-RW6sOnsVTGnAmiNGsxQZ_CZs6_LYXGB9eQWmbb-dKsp-1gHPtNQn5Z72_ubuCpV4ajReUfreM9ZLPUvCLI46h0KHPuxOyAFJqDGkDFvvPaejFdaIx6HElEX3rNfQhNJsWXMKy4njbHBgSLrFT_EDITLjywtNEujycPu_KgN3C7LoBXa-fYDtDRa4p9MrbwUpQC6OAdi0YYFgg6e8xs69Dp9c4AfHrHTGwkMWKZSStJ1hqxbPhMfF9WY06arRW1ENjxs95PGvqY06d-3z3hkAgKNu4QVfB9XOtHkhWv9rmpQyjoW8TctYCD5Djh5dfwgyxOtWMdJIKhCz7jYJ-5Ucxv1sA5ZyQujr4C8-bSYEySfhScEiGwov-L-RY9gK-ZmZQlY95BF7YJwN9jYxicT4baJzcWniQN1CgikkZJryle13NkTug7hVp2g7VL-6-6ml3FoN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:57:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 145 KB
52 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://im-a-puzzle.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 53263
x-xss-protection: 0
server: cafe
etag: 8848748755015014073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Dec 2020 19:57:06 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 0529 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://im-a-puzzle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-Da2q3G4ceRzf-QrZ84ej4qUTzU-xdgnPM03_qdHXbloQveSFh5m4UlZp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://im-a-puzzle.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 11 Dec 2020 10:35:23 GMT
expires: Fri, 25 Dec 2020 10:35:23 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 33703
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.im-a-puzzle.com/	1970-01-19 15:18:28	Name: __cfduid Value: dfddd85e68c5396fabe0d888a7d81bce31607716624

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://im-a-puzzle.com/(Line 96) Message: [SrvWrk] Service worker registered for scope: https://im-a-puzzle.com/
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 9) Message: Init GameController
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 1) Message: Init App. active locale en-US
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 1) Message: Supports webp: undefined
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 2) Message: Entered MainMenu constructor
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 10) Message: Entered ImagePreview constructor
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 1) Message: Attached App.ts
console-api	debug	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 16) Message: Not loading thumbnails now
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 2) Message: Partner set to null
console-api	debug	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 2) Message: For me loaded: true
console-api	debug	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 6) Message: Gallery loaded
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 6) Message: Gallery Bosnia has no child to get the thumbnail
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 6) Message: Gallery Sri Lanka has no child to get the thumbnail
console-api	debug	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 2) Message: For me built
console-api	debug	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 16) Message: Loading thumbnails now
console-api	log	URL: https://static.im-a-puzzle.com/scripts/app-bundle-5c0bb027ba.js(Line 2) Message: Partner set to null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
contextual.media.net
csi.gstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
im-a-puzzle.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-lookaside.fbsbx.com
static.im-a-puzzle.com
tpc.googlesyndication.com
upload.wikimedia.org
www.google-analytics.com
www.googletagservices.com
104.84.56.24
172.217.21.226
2001:4de0:ac19::1:b:2b
2606:4700:3031::681c:1ca8
2607:f8b0:4003:c11::78
2620:0:862:ed1a::2:b
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:815::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2002
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a03:2880:f01c:8012:face:b00c:0:3
75.119.203.147
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04dc4bda1509b3870849dc56ed5868a718afc23aa797427ff40bbf6cd7140e9e
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0e584542aa98302ef6383abeeef61e9aafc12d97c05862f04edc6dbd411d6ec7
11df7b8d04112f9d4513efbc8ca43524c3acf99158519da7055a8ff5fe8f5309
142284923e1754049e23cb9c9f0467ac7fee64c79f9f37ff2fb965d8ea619bda
232aefdba529e089a651b9ae0a1f9e9abcd5b62e629bd1031a9f491742bcb4de
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4c1a7e4ef2d064ecfb479b03f5b2c2ae477cf9660e0c803cbba240c2116575
340d8b3ee536394e8691e4c0eeb9917e38236041a5045258c8bd07362ea5efbb
3bf27a40d1a673e1ca7129e6e559a65eb6abbc9a72da04bf2fec791d44aea059
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4127ae6067d035231caa36abb4a1771dae9444f8288d71a8040fbd35535a59a6
45952ccfdec576ae4aa00912fd15cd450579d61264f7477c1c96e76452d89922
4c877fb464027042b39116848b72279d9f772ff796f8f7af6ba1174bbf072904
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5357a6c9dc5b5b150f01192313e41552958d17c72b21cefe0d70296b04bb5a03
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
61e4a121ccd033b21626b7716cdb21f7f97cabcbffdd36fed8aaa6f7b48b6059
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
7a7d3408fd9ad835ed429620150cb4e3cb5abb990934eca56a563be127979bc1
7b10f29927b4499842d6b286e2a37856751f65fb1c80bc8c81a4077257ec1502
7f7ef1864f0cf06f131a5e8a32ccc52cff4cca7b25779e78431899583e689288
7ff30ef94adb01315eeb11697457f2621e6dc319a1a074b6afce4a3492abccec
88738fdc70a854238c2f20c8d77d4a7d7b73c61942da13e34a4e1461765408f3
99839a6ba8d4f80b34ccb148c76125c9504c143307486a040be2a58330679031
9e95c2eec799c14813b2503fb2648007e0b805af294a15d25fe53fdbb7ea59a8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b5fc863c843ee0f76c21528a7268e27e2e64b6f376914fb2b204c7404893412f
c300b2811698bc68ed2928ff2686ed40e21753f1d308956268f567ab2149e576
c551b1a6ecae0820d5cfa95ecb81b4a2de9f81e4afcf9305551f7051e54a4261
c5ddbacb8382fa9ecb41521e2912d08b9713c7ad0d94dd9be032bc5cf3987c1c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb13ddb71a17a285bdec304e9e24cd7952ec49fe0f58e4ce51841552d378bccb
d4d88dadbd9fd7824622358fa34ac5718d3a750b6d29b2c80a8f1bba4f317d4f
dc6efa349d0344d81997ef3f4c1b2eeed5119e5dba3e555edb73a1f5b4b1b8b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9948ec3d8dbedd1624530756b1bcacd526ee950215ace87960b8897ab0f070f
ebc48723ec8372c53704e40b07df23151761d0c44f39dbaa6938cdfcf8167e18
ebc88d44f7923fb3a6c48bdca08f745859a6f42a80818dc3e5e499873d56d5d5
ed1d6e23a075cb854e36f0f3625410c9d76a6b41aabcebc1764d5ae88959f018
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

im-a-puzzle.com Open in urlscan Pro 75.119.203.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

80 %IPv6

14 Domains

20 Subdomains

16 IPs

4 Countries

1087 kBTransfer

3697 kBSize

1 Cookies

4 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

im-a-puzzle.com Open in urlscan Pro
75.119.203.147 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

20
Subdomains

16
IPs

4
Countries

1087 kB
Transfer

3697 kB
Size

1
Cookies

58 HTTP transactions
1 data transactions