r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9345
Expires: Wed, 14 Sep 2022 14:02:13 GMT
Date: Wed, 14 Sep 2022 11:26:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 11:09:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j3A7Vw8TRhvS8xga-o3n8ojV2IVtVu6Up-9n0kNcXzR2FtVoy5abwg==
Age: 1017
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hwAlZQOJvJ32Ztj0NWguHgCNWQqg92wnw4g7E2mDX-0PJ9mpBAVjbQ==
age: 24673
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 11:26:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thuvienstem-steam.com/
103.221.222.22301 Moved Permanently 0 B IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
x-redirect-by: WordPress
location: https://thuvienstem-steam.com/
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Wed, 14 Sep 2022 11:26:28 GMT
content-length: 0
date: Wed, 14 Sep 2022 11:26:28 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 11:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 11:29:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b4Wtg-BOQvnLfWN1ng-IP3Re1A6kQM5r3wtnTGrIrCygJs7tcFGQFw==
Age: 1386
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5779
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:29 GMT
Last-Modified: Wed, 14 Sep 2022 09:50:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8qX7ptFtPSlIfHcvceiAmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x+e7SkfWPZC0IL2EHE0ub4ZnV1s=
cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.2
54.230.111.22200 OK 1.7 kB URL HTTP/2 cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.2
IP 54.230.111.22:0
File type ASCII text, with very long lines (7191)
Hash 0b704046d76bb4d3929be4f7f20472f5
564f70325044cf9834f70d9689463cbfb8a53b71
511ae4f5d6a1803848d68c82cd61d2ad1ed3a1c65037e2cbcf9a7edd2fa6fa5d
GET /free/1.0.0/icon-font.min.css?ver=6.0.2 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 1672
date: Sat, 21 May 2022 07:14:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:10 GMT
etag: "0b704046d76bb4d3929be4f7f20472f5"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CrJnqEoc4q7yGjiL6P3t8HMlJYa7d94EbZ-bTVBJ_mnPDb-fKObVQQ==
age: 10037506
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thuvienstem-steam.com/
103.221.222.22200 OK 73 kB IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42117), with CRLF, LF line terminators
Hash 28e86c6922629a1df562fdadf6712f49
f5a1966dcc54b29684b3184732ea7310e2fddff0
b1bd008eea91e4787a5b09986e6adb8e4205350138a719bbd4028290b026a307
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Wed, 14 Sep 2022 11:26:29 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 14 Sep 2022 09:15:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 73435
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2
103.221.222.22200 OK 8.5 kB URL HTTP/2 thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (38375)
Hash b4f42c778272789200eaac1b01c791d5
89ca9966452e5e177ffaf08de539eaa7326652e0
143d9710a437e40afc1bc61dfd95dde8dcde3fac4117c72cb0412cce93415754
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 21 Jul 2022 05:10:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 8482
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
103.221.222.22200 OK 12 kB URL HTTP/2 thuvienstem-steam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (43771)
Hash 71e1df66e68479f1941dc82112c668ab
0ab2ab2f3a8ea2762a48644f94a905f219392398
c94464a9c9f6988b733cb8245c7dd92246d1dd4c69e1e43ffb41a69eb767926a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 12 Jul 2022 20:40:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11909
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/quick-download-button/css/style.css?ver=1661336228
103.221.222.22200 OK 14 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/quick-download-button/css/style.css?ver=1661336228
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (2675)
Hash 4bb8bd4afe515fa70f6f2fe13e6474ce
bd560df9335ac9417f4c7b910e3fc31586928729
a6d9e455d9ff6a915168ed44e568d225691a0c683273d8b9afcb0eb66009ab7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/quick-download-button/css/style.css?ver=1661336228 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 24 Aug 2022 10:17:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 13956
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/table-of-contents-block/build/style-index.css?ver=6.0.2
103.221.222.22200 OK 1.3 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/table-of-contents-block/build/style-index.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash 0c040423206ff10ef79a9853cfd42c58
8f5847264bf7c47ad3a0b1fef5df7cc7bcdb01f4
f81d6cb87b316c737bc701d5acc02bc19f30936f6a09ddc06a5e6b964fed9316
GET /wp-content/plugins/table-of-contents-block/build/style-index.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 12 Oct 2021 16:29:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1303
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
103.221.222.22200 OK 1.3 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (5305), with no line terminators
Hash c5fcb437a21dfb9f2bbc3f36bf8598b5
2e29ccd3ebb13119c248ecb223feb170dbe6894c
12018eb1360945660385d02cebaf7786d6ad2df44eaa9a741df715e07b03e165
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Sep 2021 08:02:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1322
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
103.221.222.22200 OK 21 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash e5a7d7c5a55acccedbbf6598bded3859
980dc60e64389d90c7fae7a2cf089d3644a829dc
353cd8b791b8ca454e68be1236ce557dbc64edd3f1b00aeaf406b09b9ba46cc3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Sep 2021 08:02:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 20702
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-includes/css/dashicons.min.css?ver=6.0.2
103.221.222.22200 OK 35 kB URL HTTP/2 thuvienstem-steam.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (58981)
Hash 173dde0c23e54ef64789ba9afec29c06
7d8af7cbe365f22fe5f59678c383852e1f77dca3
571f5bac91195b54e4081329791e318edb2152685d69bf3444b7de146ee51de5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 03 Mar 2021 19:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 35200
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
103.221.222.22200 OK 289 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with CR line terminators
Hash 06e5b21cbcff813c4731edf288388ba4
697133e0e3ea0a896f5a45023887d9345304afd0
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 02 Oct 2021 13:04:19 GMT
accept-ranges: bytes
content-length: 289
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.2
103.221.222.22200 OK 1.9 kB URL HTTP/2 thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (16351), with no line terminators
Hash 6ede0e528b200fe03fd7734706016c93
8eae590f753b9e3068d6148466345c93894b7a02
afdeba6d1f32e36af56f978ffd40f509eb8a793efa5dc2d5267f7c3d50be4b8d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 21 Jul 2022 05:10:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1944
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.2
103.221.222.22200 OK 16 kB URL HTTP/2 thuvienstem-steam.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash d9658444904a0a6b1c063f204abc34ca
5015a748a07cdfd3d0c1de4f7d1bd223819e34c8
25321bfafe3a31d43accefc78a13ad0ea36727501705f4579d52dca585c8683f
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 07 Sep 2022 03:59:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 16445
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1663146914
103.221.222.22200 OK 13 kB URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1663146914
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type Unicode text, UTF-8 text, with very long lines (27140)
Hash 97464174baa398589211effbc1d6a24e
7d8e6e88ec13fc354f11a20b1844d4aed91f7c61
f22f82a6b8259f555ed8d131bbf9203b4be048ef82591c1c1feab1c3db0a01e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1663146914 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 01 Sep 2022 02:19:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 13257
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/astra-addon/astra-addon-6318b731712e51-32890839.css?ver=3.9.1
103.221.222.22200 OK 11 kB URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/astra-addon/astra-addon-6318b731712e51-32890839.css?ver=3.9.1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (65536), with no line terminators
Hash cc58dbcf1181844faf710c6ba0120ee2
11c1e3ad4967bf7877a35eaf43a0079e9d57003d
addb2c68fe6464ab737a1153e6d418a36183922f4b0c549a32a6ee0edb3d0876
GET /wp-content/uploads/astra-addon/astra-addon-6318b731712e51-32890839.css?ver=3.9.1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 07 Sep 2022 15:22:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 10724
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
103.221.222.22200 OK 3.8 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (19082)
Hash 4b424cb15c233b5195a6cd1a1a218ba6
a5666c164c2bf7002b61bee425204bd689b87f37
d93f61900be00380a88a7ce235c487b8aa3c17d86f07585555bcc787494288da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3793
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
103.221.222.22200 OK 14 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (65497)
Hash 1664d994bbd42be7290fab4cde558c32
67f5acd189b775a0615a4c72bdb6e165ddaeb810
36c711476189fe5de862627e4df4194a35b52fac3e3a58031227c93bb83dfd59
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 14311
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/elementor/css/post-36.css?ver=1656259381
103.221.222.22200 OK 353 B URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/elementor/css/post-36.css?ver=1656259381
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (1180), with no line terminators
Hash 63c05e5e9c20e2d4268fa648b9ddcf7b
4ff73d2167144aba0f8a1cc9b86209af52188b7b
66fa68167543fb28d606ba972304820dfce0b1a28cdbde2c482712b05c4e0504
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-36.css?ver=1656259381 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:03:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 353
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2
103.221.222.22200 OK 1.7 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (11362)
Hash 7cd760ebf34525028458c5676e689eae
0a17d7c646dfb88322b0f713674d9e1cd7bf5f89
c123aa5cb1df27f959bb20096a87aa2aa388d457f671d5011a1bf32a6cf07764
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 14:36:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1650
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/elementor/css/global.css?ver=1656259626
103.221.222.22200 OK 8.1 kB URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/elementor/css/global.css?ver=1656259626
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (50767)
Hash e7a217b942ad301cf05646b77a0c8045
d75b23f54ec15cbb9961d98d4d1f01d38747aef5
16fc56c00eb3e7f3f03e3c4444de5a54084582e3250ab621d1ee632c2b31b60a
GET /wp-content/uploads/elementor/css/global.css?ver=1656259626 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:07:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 8100
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/elementor/css/post-1256.css?ver=1661091170
103.221.222.22200 OK 637 B URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/elementor/css/post-1256.css?ver=1661091170
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (5039), with no line terminators
Hash ed4e6f737af503aff8a0672f9dbdeb14
5d51ed07da8028002f755ca95b983d46dc17b2bc
8a26afb57f05120c202491e1bc3d23782960be0e62427c8460d7c35666cc9baf
GET /wp-content/uploads/elementor/css/post-1256.css?ver=1661091170 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 21 Aug 2022 14:12:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 637
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/elementor/css/post-18238.css?ver=1661998704
103.221.222.22200 OK 300 B URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/elementor/css/post-18238.css?ver=1661998704
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (846), with no line terminators
Hash 8c41324dc8d86229eea30aaac8812ffc
21823732cefdc35578f2833e798aa734f5691f74
648bcd42f3d1db42232511b4f46447dd5dafe7a986c647fcf39a4705ee7dd41e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-18238.css?ver=1661998704 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 01 Sep 2022 02:18:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 300
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/default-responsive.css?ver=1
103.221.222.22200 OK 2.0 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/default-responsive.css?ver=1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with CRLF line terminators
Hash f48e3dec708ffec047c57fa7debd00b9
3993eb5e531043bcee297b2ddcdacf508bb9469a
5caf4b3fe3b145a360c025a6874e0d0bffa8638d446fc8068f05e3d720b5baa5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/default-responsive.css?ver=1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2005
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-custom-theme.css?timestamp=1663146914&ver=1
103.221.222.22200 OK 0 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-custom-theme.css?timestamp=1663146914&ver=1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-custom-theme.css?timestamp=1663146914&ver=1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 14 Sep 2022 11:26:29 GMT
accept-ranges: bytes
content-length: 0
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/responsive.css?ver=6.0.2
103.221.222.22200 OK 1.5 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/responsive.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with CRLF line terminators
Hash a335170a78041ed6d45e556d179cba50
4c2106217b6f79b5714704b31acceb0807023951
a14541da6457957a3afecd21c516aeea081105db4895251fd4188049db215dc0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/responsive.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1482
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/animate.css?ver=2.1.4
103.221.222.22200 OK 4.7 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/animate.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash 8a4b233d33ef626ec56290c6eec5939e
a8ca82a7772212964204d9ffaf7e4bdf28db0b7d
fa7e4207c60fafaaed4e0ed0172e565214b0436038fe5f7cd2491ec5571ba859
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/animate.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 4668
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/colorbox.css?ver=2.1.4
103.221.222.22200 OK 1.4 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/colorbox.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash acfd3a87748b074233112a7c834eac49
13d1c611f5ac93cfe2d66e1f18f915f4a89d7e9c
7df89645d4881d157660435fdb861b53eafcb02bb0fd8e709c69c66d3dc1acea
GET /wp-content/plugins/wp-mega-menu-pro/css/colorbox.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1406
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/frontend_walker.css?ver=2.1.4
103.221.222.22200 OK 1.5 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/frontend_walker.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bfcb8a2b77685c165fbb01c956014441
6f650a486d72e1a451384ba6a4708c8c3fe48d0e
b26780638ca74329c48688835b0672f4f5a73b5aafc850bb347459367c460516
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/frontend_walker.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1513
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/jquery.bxslider.css?ver=2.1.4
103.221.222.22200 OK 1.2 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/jquery.bxslider.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash dc433bbb7f910a55ab2317d3767e5d82
376db26947681101666b8400034b74b0649ba5d0
29a66141a7c5a2df27fbc125853b4f74e0f56b370d8f0bf9dfed28747eb68223
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/jquery.bxslider.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1219
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/linecon.css?ver=2.1.4
103.221.222.22200 OK 715 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/linecon.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with CRLF line terminators
Hash fc03439ac122f545b333bd6857b67a5f
de1d15d17f3ecd67bb1fd8660b28b31170091fc7
ac5585771a15cbeb35c360ad4d3581b97dce1c3ea0e7004ef20bf98099cf74ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/linecon.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 715
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/genericons.css?ver=6.0.2
103.221.222.22200 OK 16 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/genericons.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (18732)
Hash 46a446c9e3ed8aabf943ed14e97b66b3
08becb58fbf2028207ed3f305d2c75d9760e8f00
7cf38c052dc421975f3213ba0247bb3140024f6f49ff3d266a8838bcf8e5cfbb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/genericons.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 16163
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/icomoon.css?ver=6.0.2
103.221.222.22200 OK 4.2 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/icomoon.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash 67c03478e3f75eefaffc8af47ebb92b2
b148cc2a9600edebea7971679e850fced6c7d1f2
24c8df2610025fd74b657d16d79b9a192ecf0ef967c3f7742482c4fe10f4af95
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/icomoon.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 4226
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fontawesome.css?ver=6.0.2
103.221.222.22200 OK 8.6 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fontawesome.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash 278b492147322df9ec92b26f81761d5b
10315d6fc35c00034cd10288fcf87a36b753e56d
ad50b0a9ff094fa8302b7cf7ead15ed0236c7d2d296780429b1c59bef62f1c3c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fontawesome.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 8578
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-solid.css?ver=6.0.2
103.221.222.22200 OK 302 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-solid.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash cb5ff962b39f8c92c51de074054c6279
88177f556193b210f55c54d1b94b34e7cea94bfb
4046f21cbaa6d46e63fe28c006806ae985983c8feb3c42314ca196d85302fb9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-solid.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 302
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-regular.css?ver=6.0.2
103.221.222.22200 OK 300 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-regular.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash a1d7110040f3e83c6559fbe05b011cf3
68ff302074281c00e5ef54e532bf4fbe5092e4b2
c16fa8987675836fa1a91a07cb63dc3620c00b8fee35ebeeb88a777ab490bc83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-regular.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 300
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-brands.css?ver=6.0.2
103.221.222.22200 OK 294 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-brands.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash 5f3369cf019e54565c5f700ad8c5d153
381aaed4b78686cc1312e06787dbacc6a8759ed0
f59ee67061de2a83462b0e9b4c6c6a7959e323bdf51678dbdf5bf1032002cefd
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/fa-brands.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 294
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/font-awesome.min.css?ver=2.1.4
103.221.222.22200 OK 7.0 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/font-awesome.min.css?ver=2.1.4
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (30819)
Hash 5ddc01edf2a8a4c96babac8f59dfdf18
25595c6ed97a23bb6847b2202657d51d983f0e0d
1d52be1a78b3cf53a6e91af173bf1b84ce58003e2d37868344cfacf43b68cafc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/font-awesome.min.css?ver=2.1.4 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6996
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/themify-icons.css?ver=6.0.2
103.221.222.22200 OK 2.9 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/themify-icons.css?ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
Hash c248c2a0908a79aa01166b4555d0f394
f58354d381fc72871ab5bbed9cb7c221f9c165e1
a651da7f7c0ddd34c3372048677cb5a55949f381084d4ce3c588e413f57c5bd4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-mega-menu-pro/css/wpmm-icons/themify-icons.css?ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2850
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
103.221.222.22200 OK 13 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (57726)
Hash 129f8e8c1e4b618bf2608d6055ca0890
9bf457971f80f3f1e40bf8bb1a83eb4e78ec2aeb
3046dc3c0c95c9cb9b130b02d6da6ca6ffc6525db9f190ada9ef23ce3b019019
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 12611
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
103.221.222.22200 OK 301 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (483)
Hash d3772fe5827c606b181f4b4def004870
78fc945daf08e4d00ad811949ae343f380c9a268
7b0b1933738fb5966029e0d63ae652069175502fc371ab8f3a8301fc3808c8df
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 301
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
103.221.222.22200 OK 1.1 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (11736)
Hash 476a9b2e3624408e838d9ec610fc4b45
235fbcc2a199c4a64415528acc1c4c2353628507
764fadff0b60c0cd23f625ea3ef36694c377c1df6a59cfb9180b5b2d9be832bd
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1071
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/uploads/elementor/css/post-2348.css?ver=1656259411
103.221.222.22200 OK 1.9 kB URL HTTP/2 thuvienstem-steam.com/wp-content/uploads/elementor/css/post-2348.css?ver=1656259411
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (35809), with no line terminators
Hash 60d94c27d6b97a832cd481c296a19974
2853d8f28c93719f1adb859b92eb56bb21067376
30c07cebba759dd6ff586b9620d5e587d1386004c9fcf55cb1ebfd85af81128a
GET /wp-content/uploads/elementor/css/post-2348.css?ver=1656259411 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:03:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1907
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.3
103.221.222.22200 OK 13 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.3
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (59158)
Hash 6b2d58e1f7736cb8aae72243ad6178c7
f8fcc091705240d6a1230624bcaf9f32a8135014
1f63ea8671831183535b6a60fb40281df5109a8f33e82a0e3e55d90e0fe4a42d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.3 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 12883
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.9.3
103.221.222.22200 OK 4.2 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.9.3
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (26516)
Hash 0840a4a6d2c1d46e2851244382f493bf
521deb64b6554a3ce7a014a95b7db2c2ff751c52
8949080c7b116be16262b66cb8433cca07c19db4fb6384a046ae59d0240e33f6
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.9.3 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 4208
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
103.221.222.22200 OK 300 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (489)
Hash dc347e94997e9330a31df1db832eb55a
a8b04c0e9fd141c511a61688ca0e18d72480e543
6073bd27dde0822d38adca7b63149f31ca6ffffdd175c5e195a475b43fd2906b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 26 Jun 2022 16:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 300
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.7.1
103.221.222.22200 OK 935 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.7.1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (3287), with no line terminators
Hash 9dc85995cc728b0352d975889aec58aa
860044018bea55aba66077fa09682802c93501bf
f003600f525fa0cd60eb29c6a39ce86d2849f9bc26a900c1bf3dbe845389576b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=5.7.1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Sep 2021 08:02:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 935
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.7.1
103.221.222.22200 OK 1.9 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.7.1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (7887), with no line terminators
Hash 502be58299f4e056b160df146353a985
53ed0e8c14ff3440ebce98b060f4196ad3d2f1c7
c316e526a0a2bd707d7a58834d68496f0bbef0202c0c5421b4de85ca1ee48b14
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=5.7.1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Sep 2021 08:02:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1888
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
103.221.222.22200 OK 3.7 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type ASCII text, with very long lines (7870)
Hash 0860e8904a062b3e0dd0f4c1d405e147
780aa602dfcc9dd3b4ba8f3a767b3f2aa1dfe15b
f1993a487f3de727b76a6150e6bb302ad07def41dbe599870da6c47929267628
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:30 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 25 Aug 2022 07:57:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3746
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/style.css?ver=1
103.221.222.22200 OK 36 kB URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/css/style.css?ver=1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 6dd2ee50bd3937d707baaaf3f10655df
326cc52f8eba0990c1a175af96161f9be32a7a3c
617d5d5ba11dc30bfcb4e5dc0fa858dcb1965796f0c127b666b0394fc96a4b63
GET /wp-content/plugins/wp-mega-menu-pro/css/style.css?ver=1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 24 Oct 2021 13:19:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 35490
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2840
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 11:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2840
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 11:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2840
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 11:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2840
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 11:26:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 48898
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:48:11 GMT
age: 49099
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: f6211d45-1e26-49a6-8c46-412d8714501c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIvUHPwoAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87fb-00d053687671af6214ea6ba9;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:02:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZhWlfWQgEMpTF4Nrnc3RTN71UZICYJTNpVNUvEsurjMDp2e8mta4Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:10:59 GMT
age: 40531
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 49465
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b20499b3b8ef7b8ee73bd8b27e8c0c16
744a852e9357455d55e72809841411258fec44a9
457c8a9e4974a9529fa852b37f7ffc083e0eac987fe47aaebda808bf9f9f2941
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: bba505a1-bbba-4d14-ad3a-1f72c028cc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj-YGaOIAMFeOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6c2-08d743cc73070f6653991180;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N0iUxQripFCaFLbMsp-lsFOMHDKzQUW3AHaWMyzOK9NGyAz5weDbvg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:28:34 GMT
age: 43076
etag: "744a852e9357455d55e72809841411258fec44a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a9cdc8f-0a34-4625-850f-bf201a4e0581.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a9cdc8f-0a34-4625-850f-bf201a4e0581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ea41251e0702e3d7e9122210c5faceb
6b94e345b15bd1510f2ef339ba440317e75c262e
f464b87c42423b1134b18362692f894041ad92ca6ea038a918e80637f13468a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a9cdc8f-0a34-4625-850f-bf201a4e0581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8986
x-amzn-requestid: 50ea02e7-c0fe-4405-99e7-fe56970d7e30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8CFzVIAMFSqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-2d626b7939bac2a714a8c8bd;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cxZK05ay7SFaZX4HLwKNhKtI50D1B_yVyDt59wswLFIiOl-on8angA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:44:21 GMT
age: 49329
etag: "6b94e345b15bd1510f2ef339ba440317e75c262e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 96929
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 575542
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:35:48 GMT
expires: Thu, 07 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 575442
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Hash deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:35:18 GMT
expires: Thu, 07 Sep 2023 19:35:18 GMT
cache-control: public, max-age=31536000
age: 575472
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MP5s-.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MP5s-.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16100, version 1.0\012- data
Hash 9f237e5dd3454ed101597ba2a19a97fe
9b8381c747a855b43b50b49b4cdd9231cc85978e
d920d3f10c6969ceb493acddd9cc4a3ba9bef88c00baebffb62fe833ea8871ba
GET /s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MP5s-.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 15:15:25 GMT
expires: Wed, 13 Sep 2023 15:15:25 GMT
cache-control: public, max-age=31536000
age: 72665
last-modified: Fri, 24 Jun 2022 18:47:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMZs-ZNU.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMZs-ZNU.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12188, version 1.0\012- data
Hash 94a50df0e8bf6be2668b6642bc194bc7
9b09f6a3e3f5ed1ee2f575a8f2c3e47c64012c35
e5337719a035e2381fcf8f68b584825617479cfbd60f36d6322fa85202fd6f74
GET /s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMZs-ZNU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 12:38:26 GMT
expires: Wed, 13 Sep 2023 12:38:26 GMT
cache-control: public, max-age=31536000
age: 82084
last-modified: Fri, 24 Jun 2022 18:50:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17984, version 1.0\012- data
Hash 1ffa00c7dcd120476f50c12e10e6b0b2
b2cb1d89eb252bc3ca6753b65b6e968c95b8b0ed
058fd8e17b26fec2578f985cbc75d51a9a28fdc7060bb20266d5428da6e183a1
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 05:18:34 GMT
expires: Wed, 13 Sep 2023 05:18:34 GMT
cache-control: public, max-age=31536000
age: 108476
last-modified: Mon, 18 Jul 2022 19:12:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:57:58 GMT
expires: Tue, 12 Sep 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 145712
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
142.250.74.163200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:14:36 GMT
expires: Tue, 12 Sep 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 137514
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
142.250.74.163200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14040, version 1.0\012- data
Hash eadd44d829d43ddf48870c2073f1a7ca
fc04b04f37e0988001c81be96bca33c4d866450f
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 00:02:06 GMT
expires: Wed, 13 Sep 2023 00:02:06 GMT
cache-control: public, max-age=31536000
age: 127464
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 575542
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2
142.250.74.163200 OK 7.1 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7060, version 1.0\012- data
Hash 6349725a93ad6a7c84f5a120c741b36b
24d6e9ce92a235112c2e614a6ad0724348f5934a
5ecd273e2db60500360cf8909250479e30e36bd1a21094775620382ceb937541
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 15:38:43 GMT
expires: Wed, 13 Sep 2023 15:38:43 GMT
cache-control: public, max-age=31536000
age: 71267
last-modified: Mon, 18 Jul 2022 19:12:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
142.250.74.163200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Hash cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 21:32:38 GMT
expires: Thu, 07 Sep 2023 21:32:38 GMT
cache-control: public, max-age=31536000
age: 568432
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
142.250.74.163200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:36:26 GMT
expires: Thu, 07 Sep 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 575404
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMJs-ZNU.woff2
142.250.74.163200 OK 4.1 kB URL HTTP/2 fonts.gstatic.com/s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMJs-ZNU.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 4052, version 1.0\012- data
Hash ceea97f695114a9d6da3f016710b5e02
fd1ddf88faa6c67bad38f73d91d05374109ecbf4
e5135c9fd252f45045c4e27850d3d523c1ddbeefc10b521b3c9800f2ac6cbf8b
GET /s/crimsonpro/v23/q5uUsoa5M_tv7IihmnkabC5XiXCAlXGks1WZzm1MMJs-ZNU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 4052
date: Wed, 14 Sep 2022 11:26:30 GMT
expires: Thu, 14 Sep 2023 11:26:30 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Jun 2022 18:49:20 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.2
54.230.111.22200 OK 519 B URL HTTP/2 cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.2
IP 54.230.111.22:0
File type ASCII text, with very long lines (520)
Hash 6fb5a1a9925f28916193ddc1d72f9b0d
bdc64cce45bb408f635c2d61ef79061ea1997069
85194f705319dba5c19a61ccf7643ab990e4a699e2927a3d967b62d70ebbea9b
GET /free/1.0.0/svgembedder.min.js?ver=6.0.2 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 519
date: Wed, 01 Jun 2022 06:27:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:40 GMT
etag: "6fb5a1a9925f28916193ddc1d72f9b0d"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: flCrWOO6x5PmACKrDqPuLSLgZGv0MsNjf7zroXKTW_grbGpvYZfrcg==
age: 9089931
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-208813839-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208813839-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 37d78951bbef7739ea31d3028aecbcef
50dfce7e1e02e92926ff404cbbc3b4c6b2032c7b
ce87ecaf899aa7ef728d6b3570ff30bc2e3295f5ecdc7f62c47974185bb5b5eb
GET /gtag/js?id=UA-208813839-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 14 Sep 2022 11:26:31 GMT
expires: Wed, 14 Sep 2022 11:26:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 14 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9124072946315202
142.250.74.34200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9124072946315202
IP 142.250.74.34:0
File type ASCII text, with very long lines (2903)
Hash 2265c9ec7e3ad50e1fd79f73bd791a4d
aac7e82a2caa1a4e4373594ea1815988b9830219
f50fe06e7e358a5d6ac1dd02b242f8f5515c479ad91c2839446d58c116a7f021
GET /pagead/js/adsbygoogle.js?client=ca-pub-9124072946315202 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 14 Sep 2022 11:26:31 GMT
expires: Wed, 14 Sep 2022 11:26:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1478261387523891061
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 14 Sep 2022 10:29:41 GMT
expires: Wed, 14 Sep 2022 12:29:41 GMT
cache-control: public, max-age=7200
age: 3411
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44f0a31315e135bb54b234a3d456b9b0
865896180a4d850d3f077e1480668a93c22b42cb
24c15ff63eb19b697f36f982d4c14df71eaf5d55ec9259a39e5a9f75fe49609e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220912/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:15:25 GMT
expires: Wed, 28 Sep 2022 05:15:25 GMT
cache-control: public, max-age=1209600
age: 22267
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44f0a31315e135bb54b234a3d456b9b0
865896180a4d850d3f077e1480668a93c22b42cb
24c15ff63eb19b697f36f982d4c14df71eaf5d55ec9259a39e5a9f75fe49609e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9a0fdf7fe7701be1f41b47ea2487c60
bb64e1c07015d87cab0575d563311a0983426934
7fdc2d5cc0bd3374a477403e359b03f7b556df0c6a608a202f8e77b7f0a2cd1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 865e489610a9aca58f1144d8b71ca793
c8f976066478ed67886202484d9389b6f9483321
aa26bf12832acda08d8a19d7530b4acf44ee9d8eaa9d45e7e8515906d6036b2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=thuvienstem-steam.com&callback=_gfp_s_&client=ca-pub-9124072946315202
172.217.21.162200 OK 212 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=thuvienstem-steam.com&callback=_gfp_s_&client=ca-pub-9124072946315202
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash b3ea55e7b0ccc13c2ee0ecf30c8a5573
170bb624f08b9c666b8ad9f55285d67844bedc35
757850ddcb4386629f0ae58942b498366fc07b2f20d1e3086da4646e1c4b7d29
GET /gampad/cookie.js?domain=thuvienstem-steam.com&callback=_gfp_s_&client=ca-pub-9124072946315202 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 11:26:33 GMT
server: cafe
cache-control: private
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=thuvienstem-steam.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=thuvienstem-steam.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thuvienstem-steam.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 11:26:33 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=thuvienstem-steam.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=thuvienstem-steam.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thuvienstem-steam.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 11:26:33 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9a0fdf7fe7701be1f41b47ea2487c60
bb64e1c07015d87cab0575d563311a0983426934
7fdc2d5cc0bd3374a477403e359b03f7b556df0c6a608a202f8e77b7f0a2cd1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c216fe14f0540c85a40ae7fab4bedf07
be38555ec9d5508b0fd6a1c6393ee1a6a6df6d34
fd4ae18423d4332653f8c824ba79b9fb89c47e496f0955d484ca5bf03ca91021
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 865e489610a9aca58f1144d8b71ca793
c8f976066478ed67886202484d9389b6f9483321
aa26bf12832acda08d8a19d7530b4acf44ee9d8eaa9d45e7e8515906d6036b2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-Y8M4KCR12N>m=2oe9c0&_p=1871823755&gdid=dZTNiMT&cid=1020322309.1663154779&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663154778&sct=1&seg=0&dl=https%3A%2F%2Fthuvienstem-steam.com%2F&dt=Th%C6%B0%20vi%E1%BB%87n%20Stem%20-%20Steam%20B%C3%A0i%20gi%E1%BA%A3ng%20Powerpoint%20-%20B%C3%A0i%20gi%E1%BA%A3ng%20%C4%91i%E1%BB%87n%20t%E1%BB%AD%20mi%E1%BB%85n%20ph%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Y8M4KCR12N>m=2oe9c0&_p=1871823755&gdid=dZTNiMT&cid=1020322309.1663154779&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663154778&sct=1&seg=0&dl=https%3A%2F%2Fthuvienstem-steam.com%2F&dt=Th%C6%B0%20vi%E1%BB%87n%20Stem%20-%20Steam%20B%C3%A0i%20gi%E1%BA%A3ng%20Powerpoint%20-%20B%C3%A0i%20gi%E1%BA%A3ng%20%C4%91i%E1%BB%87n%20t%E1%BB%AD%20mi%E1%BB%85n%20ph%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y8M4KCR12N>m=2oe9c0&_p=1871823755&gdid=dZTNiMT&cid=1020322309.1663154779&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663154778&sct=1&seg=0&dl=https%3A%2F%2Fthuvienstem-steam.com%2F&dt=Th%C6%B0%20vi%E1%BB%87n%20Stem%20-%20Steam%20B%C3%A0i%20gi%E1%BA%A3ng%20Powerpoint%20-%20B%C3%A0i%20gi%E1%BA%A3ng%20%C4%91i%E1%BB%87n%20t%E1%BB%AD%20mi%E1%BB%85n%20ph%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thuvienstem-steam.com
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://thuvienstem-steam.com
date: Wed, 14 Sep 2022 11:26:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 49db8ba762c06cc6af193ec2d172b4e7
7575bd5c84709bc4ffcafb2b6523f91d8b8fd193
d5205e7ff1662d34d9762142ff41d65a3d764bd1920434222f553818d540b9eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b83eeef1819083d0f8d52290b58abdef
7f5d00f725bed6d26c8ba00628adafc8f43c0c93
cca1c281e84e9694db182f17cd47d5782d602bf36e2f4902ce7612f2c5d74bd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 14 Sep 2022 11:26:33 GMT
expires: Wed, 14 Sep 2022 11:26:33 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 12:27:00 GMT
expires: Wed, 13 Sep 2023 12:27:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 82773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 510 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash acf78d380efb793269170e447a7517f8
ecc8156169d1f90d0d940f0a919368a8e8434289
43acce140a083d167012a40f7cc2ac034e462f7065a855a5b539cc83dac5edfb
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 14 Sep 2022 11:26:33 GMT
date: Wed, 14 Sep 2022 11:26:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-MrhMgJvwCpwFLCmysPC8Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 11:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=thuvienstem-steam.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=thuvienstem-steam.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thuvienstem-steam.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 11:26:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 45 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3498)
Hash 25cb4a17e1860904b708b740d89ecaf9
74a6c0ebc1efa46424abd24f939a76c0bdecda85
b581f933da7c14f46a3119b6fd3417d0bedcf65b61a38bf92a2232e6b86d8ed0
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44876
date: Wed, 14 Sep 2022 11:26:35 GMT
expires: Wed, 14 Sep 2022 11:26:35 GMT
cache-control: private, max-age=3000
etag: "1662981969255015"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Crimson%20Pro%3A400%2C%7CPlayfair%20Display%3A500%2C%7COpen%20Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair%20Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Crimson%20Pro%3A400%2C%7CPlayfair%20Display%3A500%2C%7COpen%20Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair%20Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese&display=swap
IP 142.250.74.10:0
GET /css?family=Crimson%20Pro%3A400%2C%7CPlayfair%20Display%3A500%2C%7COpen%20Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair%20Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 11:26:29 GMT
date: Wed, 14 Sep 2022 11:26:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/template-dynamic_style.css?timestamp=1663146914&ver=6.0.2
103.221.222.22200 OK 0 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/template-dynamic_style.css?timestamp=1663146914&ver=6.0.2
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
GET /wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/template-dynamic_style.css?timestamp=1663146914&ver=6.0.2 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 14 Sep 2022 11:26:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-extra-custom.css?timestamp=1663146914&ver=1
103.221.222.22200 OK 0 B URL HTTP/2 thuvienstem-steam.com/wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-extra-custom.css?timestamp=1663146914&ver=1
IP 103.221.222.22:0
ASN #63760 AZDIGI Corporation
GET /wp-content/plugins/wp-mega-menu-pro/wpmm-dynamic-css/wpmm-extra-custom.css?timestamp=1663146914&ver=1 HTTP/1.1
Host: thuvienstem-steam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thuvienstem-steam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Thu, 14 Sep 2023 11:26:29 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 14 Sep 2022 11:26:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Wed, 14 Sep 2022 11:26:29 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2