puzzhetherme.tk Open in urlscan Pro
2606:4700:3035::6815:232c Public Scan

Go To Rescan
Add Verdict Report

URL:
http://puzzhetherme.tk/
Submission: On December 14 via api (December 14th 2023, 7:20:59 am UTC) from GB — Scanned from GB

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6815:232c, located in United States and belongs to CLOUDFLARENET, US. The main domain is puzzhetherme.tk.

This is the only time puzzhetherme.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::6815:232c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:197c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:16a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.32.235.171 212.32.235.171	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
15	7

1 2606:4700:3035::6815:232c (United States)

ASN13335 (CLOUDFLARENET, US)

puzzhetherme.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntest.db.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:197c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

neskaties.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:16a (United States)

ASN13335 (CLOUDFLARENET, US)

tv3cdn.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.235.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: flirtavieta.com

flirtavieta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gstatic.com fonts.gstatic.com	180 KB
2	flirtavieta.com flirtavieta.com	18 KB
1	tv3cdn.lv tv3cdn.lv	21 KB
1	neskaties.lv 1 redirects neskaties.lv	520 B
1	db.lv cdntest.db.lv	91 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	puzzhetherme.tk puzzhetherme.tk	19 KB
15	8

	Domain	Requested by
8	fonts.gstatic.com	fonts.googleapis.com
2	flirtavieta.com	puzzhetherme.tk
1	tv3cdn.lv	puzzhetherme.tk
1	neskaties.lv	1 redirects
1	cdntest.db.lv	puzzhetherme.tk
1	cdnjs.cloudflare.com	puzzhetherme.tk
1	fonts.googleapis.com	puzzhetherme.tk
1	puzzhetherme.tk
15	8

This site contains no links.

Subject Issuer	Validity	Valid
db.lv E1	`2023-10-19` - `2024-01-17`	3 months	crt.sh
flirtavieta.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://puzzhetherme.tk/
Frame ID: 35905237CF527746E1D4FC819BD03B22
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Karantīnu nosaka vēl vienai Olaines 2.vidusskolas klasei un trim pedagogiem

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

20 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

350 kB
Transfer

555 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

Request Chain 3

https://neskaties.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg HTTP 301
https://tv3cdn.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
puzzhetherme.tk/ 49 KB
19 KB 299ms
101ms Document
text/html 2606:4700:3035::6815:232c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://puzzhetherme.tk/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:232c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02978a543137f33f30b1c3340d0ea519d2c325462ea8ae1a53a764a3bb22b15c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8354afdae8e07791-LHR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Dec 2023 07:20:54 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVNYIPTqMcszyttuu%2FRJwScxGaLGeYZe4KtdFpeJZjgcHxEEBgNnBTFKg9oktwpysCUhJVcQt1TDzD5kkTOFpjeA%2B34cjfpde9UzIwBOlyX8bVPWdHMnK8OREwCqyqkZs4eZ9ToKH1sxBETbwEs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK css
fonts.googleapis.com/ 46 KB
2 KB 82ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i

Requested by

Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8388af9eac70f6555278bfa28fc878255c7383d76258cf1b9a8edbde3501f17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Thu, 14 Dec 2023 07:20:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 14 Dec 2023 07:20:54 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 14 Dec 2023 07:20:54 GMT

GET
H2

200

bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

157 KB
18 KB

81ms
30ms

Stylesheet
text/css

2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/

Protocol

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Dec 2023 07:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1225583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17550
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f2c377f-2722e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob0G5DCFo%2FbNkngSmuZsMkDlWeybY2jsWLvczGzO47l5NBJhdKh%2FjRJW0uab3m4lOIw5L74Qj5lGxsT%2FP2K%2FEIj2ood6IEu09GX24Vf%2FvhEDxJMOHIpyOtprlBAcU7nLCoXJt1G4A%2FYbn8aP4lYwyBgE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8354afdbe93a23e2-LHR
expires: Tue, 03 Dec 2024 07:20:54 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://puzzhetherme.tk
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 500737__6006bdec42601.jpg
cdntest.db.lv/lvold/1200/2019/articles/2021/01/ 91 KB
91 KB 257ms
193ms Image
image/jpg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdntest.db.lv/lvold/1200/2019/articles/2021/01/500737__6006bdec42601.jpg
Requested by: Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e67cd2a5072280bbf8d5c28a3cb2ec7d5b9050af959e6064637eeb9af54b6e93

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Dec 2023 07:20:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"16a75-h3aP1uQ92EVSD7zDchmWDZ2gTWs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOecOb6siQ4DlLd5i7VbYqxJeneNMfvpSM8%2Bt2h%2BBKDuuz6s1Xi2CnFa6RkLWy4O5pSDstQEWAgWFxWHWy%2F5DGdjuAPc43rnkCTfda3xb108Fbc3ApP7wujBcSewPUOIXumR84n4JieU9vlQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: public, max-age=31557600, s-maxage=31557600
accept-ranges: bytes
cf-ray: 8354afdbfde43da9-LHR
alt-svc: h3=":443"; ma=86400
content-length: 92789

GET
H2

200

b803-5f4cab7553a7d-scaled.jpg
tv3cdn.lv/thumbnails/672x384/2020/08/
Redirect Chain

https://neskaties.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg
https://tv3cdn.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg

21 KB
21 KB

387ms
325ms

Image
image/jpeg

2606:4700:20::681a:16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tv3cdn.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg

Requested by

Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/

Protocol

Server

2606:4700:20::681a:16a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68d497969ddb4a1e1927ea05f942249fc5a6e3b51fdebce0c97b39864e1f5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Dec 2023 07:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20996
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 07:20:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QwX0yzrB69Ri4gzbKNxGxJeAA%2FOJ7G9e4YskiIRfMTzVl5W0LafA2Z%2FN8hw4hHiUIVU5U3Kx6lwi7GLzqv5H6fxj6k%2FocUf07HWk4jkk5LEEpnzKlq0D%2BXrHxomGvwVMT2dgwqF3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8354afdccce17785-LHR

Redirect headers

date: Thu, 14 Dec 2023 07:20:54 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pknn1OBYjgk8HBTKgVbv0bcsOY1rx3FUWZPCagMNg63fIXEfOc9QWul6hRD2KfbgxGaL9GgSn9vMA4J0CnYGdNbGDNYwrPoiu0QHSITOJHNK87Q%2FA5KuKmOuLbveYTqQvdYOSyJnteWXlSw%3D"}],"group":"cf-nel","max_age":604800}
location: https://tv3cdn.lv/thumbnails/672x384/2020/08/b803-5f4cab7553a7d-scaled.jpg
cache-control: max-age=3600
cf-ray: 8354afdc3f55418f-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 08:20:54 GMT

GET
H2 200 e45c84f630.jpg
flirtavieta.com/faces/ 9 KB
9 KB 999ms
59ms Image
image/jpeg 212.32.235.171
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtavieta.com/faces/e45c84f630.jpg
Requested by: Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.235.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: flirtavieta.com
Software: nginx /
Resource Hash: eb009c740b4f82e82e888d13ddc9ba14f34e8641d3228f1e84295d9e09512b97

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Dec 2023 07:20:55 GMT
last-modified: Tue, 12 Sep 2023 11:14:25 GMT
server: nginx
etag: "2458-605278bb2ed0e"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9304
expires: Thu, 21 Dec 2023 07:20:55 GMT

GET
H2 200 fdf424d1db.jpg
flirtavieta.com/faces/ 9 KB
9 KB 971ms
32ms Image
image/jpeg 212.32.235.171
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flirtavieta.com/faces/fdf424d1db.jpg
Requested by: Host: puzzhetherme.tk
URL: http://puzzhetherme.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.235.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: flirtavieta.com
Software: nginx /
Resource Hash: 2e76461b7da9b9fcbdc5988e12df7bd2c5bfa8ae0bd0c46c1d76ea89cf3d443a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://puzzhetherme.tk/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Dec 2023 07:20:55 GMT
last-modified: Tue, 12 Sep 2023 11:14:26 GMT
server: nginx
etag: "22ad-605278bb79854"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8877
expires: Thu, 21 Dec 2023 07:20:55 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 72ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Tue, 12 Dec 2023 08:59:57 GMT
X-Content-Type-Options: nosniff
Age: 166857
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7816
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:10:34 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 11 Dec 2024 08:59:57 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v36/ 42 KB
43 KB 69ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e39ec7b42b5f6e62f36e4f1ee181796d0663bc05e2fdf12422d6fc8e2765001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Sat, 09 Dec 2023 04:31:47 GMT
X-Content-Type-Options: nosniff
Age: 442147
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43172
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:26:59 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 08 Dec 2024 04:31:47 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 69ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Tue, 12 Dec 2023 02:31:40 GMT
X-Content-Type-Options: nosniff
Age: 190154
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7748
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:10:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 11 Dec 2024 02:31:40 GMT

GET
H/1.1 200
OK memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2
fonts.gstatic.com/s/opensans/v36/ 44 KB
45 KB 70ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ae09c45020ce4ca0451e3fda67ab506223266d5f643093d1be99e9fd92b0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Tue, 12 Dec 2023 08:21:10 GMT
X-Content-Type-Options: nosniff
Age: 169184
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 45396
X-XSS-Protection: 0
Last-Modified: Wed, 13 Sep 2023 23:29:06 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 11 Dec 2024 08:21:10 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLCz7Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 68ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFd2JQEl8qw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 11 Dec 2023 23:28:17 GMT
X-Content-Type-Options: nosniff
Age: 201157
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5384
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:03:34 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 10 Dec 2024 23:28:17 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2
fonts.gstatic.com/s/opensans/v36/ 30 KB
31 KB 68ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691b9ebf03d2e0c851594e0af47e8dd14cf0d804bb0015a37d49bf981b1dfda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 11 Dec 2023 23:34:34 GMT
X-Content-Type-Options: nosniff
Age: 200780
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30492
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:10:11 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 10 Dec 2024 23:34:34 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLGT9Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 103ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFd2JQEl8qw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Tue, 12 Dec 2023 00:45:22 GMT
X-Content-Type-Options: nosniff
Age: 196532
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5452
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:15:19 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 11 Dec 2024 00:45:22 GMT

GET
H/1.1 200
OK memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06FxZCJgvAQ.woff2
fonts.gstatic.com/s/opensans/v36/ 32 KB
33 KB 98ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06FxZCJgvAQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b35ff0d874fe9e4bc0a6256cb97fbb0ad9559e71b6c3dab79fc1a4fb4f67636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://puzzhetherme.tk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 08 Dec 2023 23:07:19 GMT
X-Content-Type-Options: nosniff
Age: 461615
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33196
X-XSS-Protection: 0
Last-Modified: Wed, 13 Sep 2023 23:31:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 07 Dec 2024 23:07:19 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			puzzhetherme.tk/	1969-12-31 23:59:59	Name: ch1c Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cdntest.db.lv
flirtavieta.com
fonts.googleapis.com
fonts.gstatic.com
neskaties.lv
puzzhetherme.tk
tv3cdn.lv
212.32.235.171
2606:4700:20::681a:16a
2606:4700:3035::6815:232c
2606:4700:3036::6815:197c
2606:4700::6811:190e
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
2a06:98c1:3120::3
02978a543137f33f30b1c3340d0ea519d2c325462ea8ae1a53a764a3bb22b15c
2e76461b7da9b9fcbdc5988e12df7bd2c5bfa8ae0bd0c46c1d76ea89cf3d443a
4b35ff0d874fe9e4bc0a6256cb97fbb0ad9559e71b6c3dab79fc1a4fb4f67636
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
691b9ebf03d2e0c851594e0af47e8dd14cf0d804bb0015a37d49bf981b1dfda5
8388af9eac70f6555278bfa28fc878255c7383d76258cf1b9a8edbde3501f17e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9e39ec7b42b5f6e62f36e4f1ee181796d0663bc05e2fdf12422d6fc8e2765001
b68d497969ddb4a1e1927ea05f942249fc5a6e3b51fdebce0c97b39864e1f5a7
c8ae09c45020ce4ca0451e3fda67ab506223266d5f643093d1be99e9fd92b0cd
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e67cd2a5072280bbf8d5c28a3cb2ec7d5b9050af959e6064637eeb9af54b6e93
eb009c740b4f82e82e888d13ddc9ba14f34e8641d3228f1e84295d9e09512b97

puzzhetherme.tk Open in urlscan Pro 2606:4700:3035::6815:232c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

20 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

7 IPs

3 Countries

350 kBTransfer

555 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

puzzhetherme.tk Open in urlscan Pro
2606:4700:3035::6815:232c Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

20 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

350 kB
Transfer

555 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions