The Pizza Code Mystery ARG Wiki

Stormseeker has a personal portfolio website at, which has been connected to the ARG.

Originally, the site's front page, which had the title "Stormseekers Portfolio Site", only contained a screenshot image of what looked like a Source engine rendered scene with the text "Coming Soon..ish" below the image. The site was updated in May, 2015, some time after the Steam release of Black Mesa, adding Stormseeker's portfolio with screenshot galleries.

At the end of December, 2015, the site became unreachable, and as of January, 2016, the site is still unreachable. [1] [2] [3] In a post on the forums, Stormseeker explained that the website went down because the server company lost all the data. [4]

IMPORTANT NOTE: As of August 6, 2017, the domain and the website are in all likelihood permanently defunct. The original domain registration expired on January 4, 2017. The domain was later apparently re-registered by a 3rd party, which subsequently put the domain up for sale, and still is for sale, for an asking price of 900 USD.

Konami Code[]

IRC clue 1 together with Code A led players to discover that the Konami Code could be performed on Stormseeker's website. This, in turn, led to the discovery of the website.


var code = [], lulz = "38,38,40,40,37,39,37,39,66,65";
$(document).keydown(function(e) {
  code.push( e.keyCode );
  if ( code.toString().indexOf( lulz ) >= 0 ){

This is the Javascript source code that watches for the Konami Code input. The decimal values for "lulz" are Javascript event keycodes. If these decimal values are interpreted as ASCII the result is:


Note: This script currently fails to run on Stormseeker's site with the error "$ is not defined". This is due to the fact that ba.js is run before jQuery, a Javascript library that provides the global $ function, has been queued for loading.

Hidden password-protected area: /thepizzaisalie[]

The website has a hidden, password-protected area at the following URL:

Username: drhorn
Password: 1001085139140914

The password is the combination of Codes A-D.

The message from the server (the HTTP authentication realm attribute), shown in the password prompt, is: "The Pizza is a LIE!"

When accessing the URL above, and entering the credentials, a directory index is shown.

The directory originally contained the two files listed in the table below:

Filename Last Modified Time Stamp
1001085139140914.html Sat, 03 Nov 2012 14:50:46 GMT
grilledpizza.jpg Tue, 18 Sep 2012 14:21:53 GMT

A third file appeared after IRC clue 6 (or at the same time):

Filename Last Modified Time Stamp
HALOS.txt Wed, 07 Nov 2012 03:59:11 GMT

More information on these files follows below.


This page shows the image of the "grilled pizza". It also contains some hidden text (black text on black background) that can revealed by highlighting.

This is the text as it appears in the HTML source code:

They stole the lie, as if that matters to me, HALOS is far too complete to stop now. They can't hide there, not now, not now I have this, this holds the key to all things... they CAN'T hide from me. I will follow them, I'll set up a link and this to remind me.

Perhaps I should hide it on the secure site, perhaps that would be best. I'll find them though and they will pay, they will definitely pay.

Dr Marcel was right when he said, "When you're building a cage for Satan, you don't ask him to wait around whilst you put the doors on."

Welsh is probably behind this, but he won't get away with it.



The image contains a hidden message encoded in binary where a white triangle represents "0" and a black triangle represents "1". Reading from left to right, top to bottom, yields the following binary sequence:

00000010 00100000 00100010 01110100 01100110 01100101 01111000 01101001 01110010 01101011 01101100 01100011 01110010 01101011 01111010 01100110 01100101 01101010 01110000 01100110 01101100 01101110 01100110 01100101 01101011 01111001 01110110 01000111 01011010 01010001 01010001 01010010 00100010 00100000 00010111 00000011

In hex this is:

02 20 22 74 66 65 78 69 72 6b 6c 63 72 6b 7a 66 65 6a 70 66 6c 6e 66 65 6b 79 76 47 5a 51 51 52 22 20 17 03

When interpreted as ASCII code, the following is revealed:

 "tfexirklcrkzfejpflnfekyvGZQQR" ␗␃

The first and the last two characters in the message—STX, ETB and ETX—are ASCII control codes which stand for "Start of Text", "End of Transmission Block" and "End of Text", respectively. (Note: since control codes are non-printable, they have been replaced with their respective Unicode representations in the quoted text above.)

The quoted string of letters found in the message


is a message encoded with a simple shift cipher. Substituting each letter with the corresponding letter in an alphabet shifted (rotated) by 9 reveals:


Hashes of grilledpizza.jpg []

If the pizza is a lie, then the above message is congratulating you for winning the lie, i.e. nothing. Perhaps it is just a red herring, and the actual "key to all things" is the JPG itself. For example, 384 bits from SHA-384 provides 256 bits for a key, and 128 bits for an IV when using AES-256.

Digest bits Result
MD5 128 47dba39227afdcd69963a77fd06da7f5
SHA-1 160 bf112cd90db119e276f6f07a8a7a5b7bb06f0fc7
Tiger 192 54a25ac619b9d69944ac3d994bf821ce8387f4aedeccaa9b
SHA-224 224 02180d675a44f14edf2fc87c2d26e81cb1450442651b149f8b31d552
SHA-256 256 1f9715bbb3a46698b038b8cb210630518cc0ac0e9d9845bf9583868c53b515d5
SHA-384 384 50ca9a3e5399efd49ba1125e19e308dea1f6c9da8ab58a31407c98fffd73920eff911b6afda59f9dcf674583f1e67220
SHA-512 512 119bcaab817532a89466fb403420c08c013050fb9db67be1748629f5ec13d683ded060588e58ad6b60b182a81a4933615c07bee009e76aac77be4e8978955227
Whirlpool 512 a35aebe6aad00ae058ff6e2a5351464801305178e95d7a8bac2292a4382a5ef611c1fbfa2d4f7105f82dac77a755e763c8699a30cf336c4043d7682a77dc1d55


This file was added after IRC clue 6.


User Matherunner noticed the "<~" start and "~>" end, as well as lack of ASCII characters 118 to 126 (v w y z { | } ~). He concluded that this is a simple ASCII85 encode.

ASCII85 decode[]

[/][End Transmission]|¬[ABORTIVE.] ~~ [Transmission Ends]]

See 752 Hex Code for more information.

A hint found in JavaScript files[]

On January 2, 2015, a message from Stormseeker containing a hint was discovered in each and every JavaScript file located in a directory index at

 *Oh hai there, someones bein a nosy bounder aren't they...
 *Looking for ARG related stuffs?
 *I have a hint for you
 *21 goes into 1
 *Don't trust anyone, it's not safe.

See the table below for a list of the JavaScript files in question.

Filename Last Modified Time Stamp
pl.js Mon, 25 Nov 2013 02:20:01 GMT
plbp.js Mon, 25 Nov 2013 02:23:18 GMT
plqe.js Mon, 25 Nov 2013 02:23:19 GMT
plst.js Mon, 25 Nov 2013 02:23:18 GMT
plxm.js Mon, 25 Nov 2013 02:23:19 GMT

For more information, see 21 into 1.

A second password-protected area: /wibble[]

A second password-protected area on Stormseeker's site has been discovered at This, however, has been confirmed by Stormseeker as not related to the ARG.

For more information, see Wibble.

External Links[]