firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 15:08:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SGqfcATi5lyCeaohEx71gILy5T-3bUykm8viwI5cqN0Susw7Ht1DRQ==
Age: 2441
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12949
Expires: Mon, 12 Sep 2022 19:24:44 GMT
Date: Mon, 12 Sep 2022 15:48:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TiA0GjVmtReQQJznGE2dWMs_tqpsC3iQ6A2BLloMyO0KRa03IK5cXQ==
age: 30703
X-Firefox-Spdy: h2
www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
192.185.85.15200 OK 7.8 kB URL HTTP/1.1 www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (566), with CR, LF line terminators
Hash 01245de2e77c5cc6838b121c0eeda198
4450b8e8200170decae5d46f2e2d933e9bcbbd08
fdbd52ea1043e24b5e3e15000438553e5ae88d1de700d130d4c43509fb4df9e8
Analyzer Verdict Alert fortinet Malware
GET /search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/ HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5; path=/; HttpOnly
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7794
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 15:48:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7d0638db85def1a70c776e0dca26e2c0
1c738feb0ef9f19b58a91bd1755d5d053b839d9e
42163eda874ff11e6cec5c737926990d42cfb120bd0432c03741cece24bb4bbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
192.185.85.15200 OK 5.9 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1371)
Hash 417cb1eedf2f567398de7757d04adbeb
1c4c6f063fbadaf13eaabd1ef5330ab6dffad1c8
e42220940e3ce41381c16af6a6ecd5eb58a625d455219eebb2b3fb8c66850df9
GET /oc-content/themes/autobilekas/css/style.css HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 03 Dec 2013 20:21:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5853
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.dayspasa.co.za/oc-content/themes/autobilekas/css/extra.css
192.185.85.15200 OK 15 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/css/extra.css
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1371)
Hash 19b1b90449eaa5a9af12207c14386476
2d9d503f9d8fdc186c2f0ab8411574ce05612895
af51bc7809b4c20b6a111c5ff6a719734ddcb04b99de73a8bee576ab82a90e36
GET /oc-content/themes/autobilekas/css/extra.css HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 01 Dec 2013 16:51:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14886
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
172.217.21.170200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
IP 172.217.21.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash 548260b20981c0be2d9dcf8d01c08c24
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb
GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32245
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 00:37:36 GMT
expires: Sat, 09 Sep 2023 00:37:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 313880
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Mon, 12 Sep 2022 15:48:56 GMT
expires: Mon, 12 Sep 2022 15:48:56 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a362ed935f69c0db"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dayspasa.co.za/oc-content/themes/autobilekas/js/global.js
192.185.85.15200 OK 867 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/global.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (932)
Hash c0d7b2cb1211fa6b6b5168c29d60d200
374cc43ef03e238c235d9a57644cfa0ff0b473eb
9fa4f05e118da42d1f504d1fd19f66e388383df0aeeb6bed9520b5f0714b029d
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/global.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 867
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/chosen/chosen.min.js
192.185.85.15200 OK 6.2 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/chosen/chosen.min.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (18429)
Hash 7e764fbcada39f501a7db6861198178c
65539362fdadaa4271c20fbc1770f560fed1352a
65820a5d600f1523083fb499c3fdb3adfe631a2982c3f4c37b23dc6fa0ec8ae0
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/chosen/chosen.min.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6198
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/cufon-replace.js
192.185.85.15200 OK 292 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/cufon-replace.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f7507783d5d9381505755e40329aa4c8
7de2cb12ee1a825d55b52c0b5c876a3aa87aa810
cd79a8eaf3650af2164035c5f82d4ae3d8265b3be70a66f6b15dd7d680457eee
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/cufon-replace.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 292
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/cufon-yui.js
192.185.85.15200 OK 8.8 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/cufon-yui.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18158)
Hash 51b7a0bca00b759e37b4a3ba149cc090
53bc1733d693989ed9745eb88ae82ac22b5e6bdc
b3b9db1590a669323d8dabb12c0de7e7728cff44b876966a30c79598c6554c68
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/cufon-yui.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8812
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/style.css
192.185.85.15200 OK 7.8 kB URL HTTP/1.1 www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/style.css
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (566), with CR, LF line terminators
Hash 01245de2e77c5cc6838b121c0eeda198
4450b8e8200170decae5d46f2e2d933e9bcbbd08
fdbd52ea1043e24b5e3e15000438553e5ae88d1de700d130d4c43509fb4df9e8
GET /search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/style.css HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7794
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.dayspasa.co.za/oc-content/themes/autobilekas/js/jquery-1.4.2.min.js
192.185.85.15200 OK 31 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/jquery-1.4.2.min.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (820)
Hash 03fb0639234e9426661f7dd3dcfc2cb6
91e24b5f244090cbdd375852cf2461182a2639f3
cc7e6f65b367ed263263df1120b27ca2168cfbccecb1a5ed2c38d47d878c0f3b
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/jquery-1.4.2.min.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_BT_400.font.js
192.185.85.15200 OK 13 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_BT_400.font.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35332)
Hash 3e5a4d5ff707f452d9d59115bffc73f0
3fba01d914688d45d34b19ebaaefe3f0664b25f3
c5b716c1802799668966ec37e52c3c56271d3460f884565f55e66cc409d5f4ef
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/NewsGoth_BT_400.font.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12806
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_BT_700.font.js
192.185.85.15200 OK 13 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_BT_700.font.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (34609), with CRLF line terminators
Hash 3ccd8749a7d4e1e508cc95610deb2e1c
c0c913d587d0c11da6c7bf1f6a4f14a06fa3acc6
73929697d6cdce5179f7acbc1197cfbc84c2ef602213e45da8d650b186560695
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/NewsGoth_BT_700.font.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12696
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 14:56:07 GMT
Expires: Mon, 12 Sep 2022 15:50:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y0XQYPpkkpB0nRpbZkNEM7zMXuN_rtDEMWgfwEW5aky_tHKI72dI1A==
Age: 3169
www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_Dm_BT_400.font.js
192.185.85.15200 OK 13 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/NewsGoth_Dm_BT_400.font.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (34768)
Hash c330c1a502a9c331360aa3fb2220a860
77714f90b1897d16656d954bde9f92e8a2386a96
c33f4735b9565411fa753d288e9504a06e4a9d61920b2ea6b6fcf7f3c745bdab
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/NewsGoth_Dm_BT_400.font.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12635
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/Myriad_Pro_400.font.js
192.185.85.15200 OK 22 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/Myriad_Pro_400.font.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ISO-8859 text, with very long lines (65018), with CRLF line terminators
Hash 500ebfd2ff8795555c6d1cffbe829f99
f3e02346ae2dd6db502ad923ff5f479fc9a10f54
bed2f2c33e64295d21b7e7c004eb2fc1a94d4cabaecb6bbf327666e29f12132a
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/Myriad_Pro_400.font.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/script.js
192.185.85.15200 OK 99 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/script.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 28c5edcf767e6f82be0bc7c817d70ce6
db743ba0013a861f348e56f93958b1b0399cfae2
5ecdffff18ea02b2237a7438b3ba9fb67c4a50cce724e621f796f73622de0b3d
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/script.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 99
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/themes/autobilekas/js/Myriad_Pro_600.font.js
192.185.85.15200 OK 21 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/js/Myriad_Pro_600.font.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ISO-8859 text, with very long lines (65017), with CRLF line terminators
Hash 450b3d65abb2a9b7e608dba00d9cfd7c
50268fdb809d7e6b36af39d07d60926c6b7ec4ab
a604170d756f2e4b19c4d29898650f016aebe504d071d2314160be335ac891ab
Analyzer Verdict Alert fortinet Malware
GET /oc-content/themes/autobilekas/js/Myriad_Pro_600.font.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.dayspasa.co.za/oc-content/plugins/carousel_for_osclass/js/jCarouselLite.js
192.185.85.15200 OK 5.1 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/plugins/carousel_for_osclass/js/jCarouselLite.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 73e3d2a4bd2811cc523aba82b44431d9
b1700bd16081046c00d92df1fe92983ba71d9f48
1f4f09c2dfc8a536c61e45ed1dbccf35417a41640425300b16f9b95a2880eeec
Analyzer Verdict Alert fortinet Malware
GET /oc-content/plugins/carousel_for_osclass/js/jCarouselLite.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2013 18:17:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5117
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.dayspasa.co.za/oc-includes/osclass/assets/js/jquery.min.js
192.185.85.15200 OK 41 kB URL HTTP/1.1 www.dayspasa.co.za/oc-includes/osclass/assets/js/jquery.min.js
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65481)
Hash 2ca42cb73e3b8802490de7e69b852510
b7aaf3e636f27a9b09e322f47d48dc360b1519c6
fe4a7cbf8ddf7a5db1c106d8960b2ea16623f84b4d109bfc7d5831c62196514c
Analyzer Verdict Alert fortinet Malware
GET /oc-includes/osclass/assets/js/jquery.min.js HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Mon, 29 Jul 2013 13:00:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3702
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:56 GMT
Last-Modified: Mon, 12 Sep 2022 14:47:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
157.240.200.35301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
Content-Type: text/html; charset="utf-8"
X-FB-Debug: WoWA0DlAIBos2ZgzVgpYGGcnjY2CbzcqwKI+veCLWvMXAnhYWidXQo43E+kr+kwhnbVqLAzUrcE/3SQAinPAAQ==
Date: Mon, 12 Sep 2022 15:48:56 GMT
Priority: u=3,i
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
www.dayspasa.co.za/oc-content/themes/autobilekas/images/tail-top.gif
192.185.85.15200 OK 121 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/tail-top.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 91\012- data
Hash e59c8da11e40019b6aacb2e685610375
39ed7f15a1e704a58e81f69decb8c76ddad0ebda
2c329bec22f44546933ad164d2b95916d64e70283a42feeaf267fd1787875927
GET /oc-content/themes/autobilekas/images/tail-top.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 121
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-3.png
192.185.85.15200 OK 2.8 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-3.png
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 220 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 64fe1e10c6c72ec8e91fa18b56fde9ea
d0d217293e33359d4aa1c2809684c7e1e1e09380
4b766a5638123f1e7790199fd3926f45a3a527027f5727d7b48b800cf317a896
GET /oc-content/themes/autobilekas/images/spa-heading-3.png HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 01 Dec 2013 17:23:32 GMT
Accept-Ranges: bytes
Content-Length: 2830
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
www.dayspasa.co.za/oc-content/uploads/112_thumbnail.jpg
192.185.85.15200 OK 7.0 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/uploads/112_thumbnail.jpg
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 240x200, components 3\012- data
Hash d5de14c2928a804581855a503f4e0f2f
3c3f66cfff6f0b48e351306aff536e72a6c0372f
a9fb8bbf143028787529194bc19e41e02e915b5c70c1ffaa2295a96e19111528
GET /oc-content/uploads/112_thumbnail.jpg HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Mon, 03 Feb 2014 19:50:20 GMT
Accept-Ranges: bytes
Content-Length: 7007
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
www.dayspasa.co.za/oc-content/uploads/95_thumbnail.jpg
192.185.85.15200 OK 9.9 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/uploads/95_thumbnail.jpg
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 240x200, components 3\012- data
Hash 221cb5321df037b50da3f1e83c39b3d6
b9dc90981abb0f70c03399652ae38db25b3d4a93
9a432288fd7fe38b10de6a6a8b8421742f75c884d5fc8b205b2d2f0dfc570089
GET /oc-content/uploads/95_thumbnail.jpg HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Thu, 09 Jan 2014 18:36:17 GMT
Accept-Ranges: bytes
Content-Length: 9942
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-2.png
192.185.85.15200 OK 2.9 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-2.png
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 220 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dd3a1c06b009096b2653425611bbd3a
b75eca2bb2594c180b3eafecc92c499818e69e61
d4079c2c00b4f41e68d195889dada0e5446fd11452c31e1122681a9fed9b06f2
GET /oc-content/themes/autobilekas/images/spa-heading-2.png HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 01 Dec 2013 17:24:22 GMT
Accept-Ranges: bytes
Content-Length: 2907
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png
www.dayspasa.co.za/oc-content/uploads/120_thumbnail.jpg
192.185.85.15200 OK 9.6 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/uploads/120_thumbnail.jpg
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 240x200, components 3\012- data
Hash b2c90af43808a56cba97227895483672
62a98c9b8a3612d3b4091eedaf36cfde7dc3aa7c
33646c13c405d7ac54bf61152a3c4805f423e95f9cd5439395290bee51947d3c
GET /oc-content/uploads/120_thumbnail.jpg HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:56 GMT
Server: Apache
Last-Modified: Sun, 09 Feb 2014 18:05:58 GMT
Accept-Ranges: bytes
Content-Length: 9612
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Last-Modified: Mon, 12 Sep 2022 14:37:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-tail.gif
192.185.85.15200 OK 160 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-tail.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 54\012- data
Hash 1213442944824abd3d8e084ae69db093
6cb4d6a7a2332bac643c5458b1515a50d72c4752
ab1dc433e80b409ae0e8a9c2946404344c79d73e3c9cd407362fae575928f4c7
GET /oc-content/themes/autobilekas/images/nav-tail.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 160
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-left.gif
192.185.85.15200 OK 384 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-left.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 54\012- data
Hash 32c3a385616fb151ac3d32b7b3d88333
72d97890931283f12e7f66987a8758dca76a733c
719eaa3c5772e796b606b143874d16db01a99f3187a3103aa2701c12863d2c83
GET /oc-content/themes/autobilekas/images/nav-left.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 384
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-right.gif
192.185.85.15200 OK 383 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-right.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 54\012- data
Hash 6c2583a2d54e36ed8eb094de26f14827
94364cdf6faa740a960925088a492b1852d35971
fdc3a7e6c905b276c20c5f3adf3570a6ce8de62ffff9c45d90ff2135e840d379
GET /oc-content/themes/autobilekas/images/nav-right.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 383
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-arrow.gif
192.185.85.15200 OK 46 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-arrow.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 5 x 3\012- data
Hash 525447d0137694094df14d61ec94a645
e0eee2fecc60cae5da9ee4d17bd9bd83a584f271
768d09b9651bf696e7e0cfc37dc6ad0718ea60ae2709e89a8aa5c723c93fc987
GET /oc-content/themes/autobilekas/images/nav-arrow.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 46
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-act.png
192.185.85.15200 OK 139 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/nav-act.png
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 15 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5eac23159ccca6b77ab1b91180e53e96
e140e68d71f2ac99cc55d12bbfb587c5e0e67185
7227ffa1a85eddec86d534db96588695b40e1c6ee80570dc7ea64af09480cb6f
GET /oc-content/themes/autobilekas/images/nav-act.png HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 139
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png
www.dayspasa.co.za/oc-content/themes/autobilekas/images/divider.gif
192.185.85.15200 OK 283 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/divider.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 2 x 50\012- data
Hash 6996056055b0d84f2617c31f221cf4be
f0e6c5aeeef56ad06ed87447f1a34c00a9e6b0b7
91e8e71e81a50345fa5b7d7975c78dbd0da4009072de19a77aa0f302611128bf
GET /oc-content/themes/autobilekas/images/divider.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 283
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/gif
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8tD9FrA7Lm4eM2NRiiQEOg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6wWKpIY37z0J8Ap45iPvbpuYTpQ=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Last-Modified: Mon, 12 Sep 2022 14:37:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/WmJr1_luoTx.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/WmJr1_luoTx.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4093)
Hash 53d721865684811f74e6287d461271da
b8ea226e9f320b4a3f57fb9618b905322962ff11
e5c8dd9b49d068bf6f08d3ca93a0bb2d31c6fd1067c3f878a630aa1f36abeaaf
GET /rsrc.php/v3/yX/l/0,cross/WmJr1_luoTx.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 17:30:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: U9chhlaEgR905ih9RhJx2g==
x-fb-debug: inN9XQjNgp8zj0IFRbOGpfcHjM5sOVIZOocFNRFjVooWp/Xg5N6OD5oyrgBVfNCcvtq+EyNfyZa+Eb7YJUyN5g==
content-length: 5342
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (41977)
Hash 3ce46348c6edab150e0c6f8ce7cd0a0d
6aea70ed9afc6f514f89c0bca5a99f04c331bc24
8ac7aadd7e52746a466b2721699b1430ab4360c52d4c73dab9f51a849b73857d
GET /rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 01:41:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PORjSMbtqxUODG+M580KDQ==
x-fb-debug: NJQ12ZDBP34ZnXN4ZFSYVG844c14KE5zOeWLLhrmdptBmTh0Wtnh6A7qedPmNfkMESEwQvbFqZOlH0WpxqwSvQ==
priority: u=3,i
content-length: 23301
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
157.240.200.35200 OK 14 kB URL HTTP/2 www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21034)
Hash 076d1b4e6162b4ee952487123b140fe3
9cc048bb550eeac09df69e801a7e633e718a3ed8
ddf40cca705e4b31ac709248020d71e6f820fffd40ebc5d7f90750e815fae60e
GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDay-Spa-SA%2F678122152206848&width&height=62&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dayspasa.co.za/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dB0NvjBKiBDlU0inKQEOliCWvlO6qTY9o06BJEMl59dyYAOggqv+u3TWy4VULmlI08jGR1MTTcGVkte4YcnJDA==
date: Mon, 12 Sep 2022 15:48:57 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dayspasa.co.za/oc-content/themes/autobilekas/images/spacer.gif
192.185.85.15200 OK 43 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/spacer.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /oc-content/themes/autobilekas/images/spacer.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/uploads/155_thumbnail.jpg
192.185.85.15200 OK 12 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/uploads/155_thumbnail.jpg
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 240x200, components 3\012- data
Hash b0c5bc3cf3f1c9c2693b8ac40adf9514
f1862923a33fd52ed51985d664a14743d9144513
488d750cd6d9f5dd12038cac0027478369f33cdbfcdfe7ef96195bba87ec6f45
GET /oc-content/uploads/155_thumbnail.jpg HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Fri, 03 Apr 2015 10:27:45 GMT
Accept-Ranges: bytes
Content-Length: 11759
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
www.dayspasa.co.za/oc-content/themes/autobilekas/images/order_by_current.gif
192.185.85.15200 OK 1.2 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/order_by_current.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 7 x 4\012- data
Hash d33f710b6644250313d02bfc26ec1413
5f2bc3be7622cac161a747380a9b42298137af7a
051ba1febbbb96adcf85479dfa774b900faffa6ddc7a75a6c1a4f6cab091e6f8
GET /oc-content/themes/autobilekas/images/order_by_current.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/extra.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 1151
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-nav-tail.gif
192.185.85.15200 OK 159 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-nav-tail.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 43\012- data
Hash 13fc726c223f3fc26727172e77849ec2
9780afcf132b4f78568f8c5876be0c7677f8a276
861659018caccc926331d2e14ed1585734f3a582053b6485bd6ab563547e6e0b
GET /oc-content/themes/autobilekas/images/footer-nav-tail.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 159
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/uploads/144_thumbnail.jpg
192.185.85.15200 OK 7.8 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/uploads/144_thumbnail.jpg
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 240x200, components 3\012- data
Hash 9f9bb04f264bb12678ec7c9024256e8c
29a0647414266590b0812f05557d45179c559853
245b0fde53093d004f5bbca9fc2cd014e7d1cc267379e7b47f4cc43f2ac73f11
GET /oc-content/uploads/144_thumbnail.jpg HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 16 Mar 2014 15:05:24 GMT
Accept-Ranges: bytes
Content-Length: 7814
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18501)
Hash e712b0060a23b6c5ede3b67e0bb8639e
faf1f8ee5d679c27fb0fd418f63cf7d851344d26
0efe6b239b3fb45de4071c337078b2b43696cdccdf01024f527af941701239fd
GET /rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 03:30:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5xKwBgojtsXt47Z+C7hjng==
x-fb-debug: 3c0szJoPJlw3vjUpY97f7O7xkRYg1sm5oRSI3yfowVeJWTVbFZE/6e7l9rVCMDvSXmxGXtVhnpsTmkqZudUKqQ==
priority: u=3,i
content-length: 90711
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 03:49:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 1H+cs2lMev1HBpUeTCn8T+bIDVJP2spw0fwEFk5T7AOI7KfQoYsEmOnrz3Rcq60MjlVAxmuaZVBSKR5GO2225w==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5261)
Hash 6059f2908fc78af36d89f372311116ef
431905421a858f26f5624203b0ecae7b6d8c6c42
33ba2a807c3a7a85d489d24e1a843c4361a791492fdbe68e471d2064155467f0
GET /rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 01:40:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YFnykI/HivNtifNyMREW7w==
x-fb-debug: XY7hTNsHQVg4WmMiknDOY8p46PgjKqNyZr0zZFrXIZVUMCXxYI04B1QnT9wGtBq3l2Kcary5RdcB8gguz65EjQ==
content-length: 12179
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (7299)
Hash 1626e8e828598e06ccd0c47e55b42304
af5c62af35bf22b593fdbe758a2feea6bc1b057f
3798dbb7df2694a222f65f4cadc92e6d133fc8f5fc2b00f326df521cd0c24b25
GET /rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 23:17:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Fibo6ChZjgbM0MR+VbQjBA==
x-fb-debug: WZ717luA04eC0w9/UftRjzgVoR53s4cLWDM5YQJJl1SlHzDZq1EPRlrPMKpwUP59alRadSFaFlKs2dUrV42AgQ==
priority: u=3,i
content-length: 15844
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-nav-right.gif
192.185.85.15200 OK 358 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-nav-right.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 43\012- data
Hash da68750ebeaa476f1619583bfc05af74
a28728efbb49d77a26af25dabdb47ba2094b78a8
3491ecf0fe9138c827bafcfbc5bf16e34179cb0f9ec95f38ec10eddbcff6d214
GET /oc-content/themes/autobilekas/images/footer-nav-right.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 358
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-tail.gif
192.185.85.15200 OK 516 B URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/footer-tail.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 98\012- data
Hash d9d221f697e5a0030b1d9d4ecca7e56a
400aa32174355a847d37ccd252a6c740fed991ca
0c8c528250e0708e61ab67c537c6bf04da27d73bffaf6a1082a6549841b98ddd
GET /oc-content/themes/autobilekas/images/footer-tail.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/oc-content/themes/autobilekas/css/style.css
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 03 Nov 2013 19:16:23 GMT
Accept-Ranges: bytes
Content-Length: 516
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/logo.gif
192.185.85.15200 OK 12 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/logo.gif
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 194 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 8962de658168f0997cdd676912ad255c
8a17b772f0ec36a3635f97340ca0a513136309e3
9eb71c4f069e6dc8d8fdab572fe77cea0a117d53775949e8f8eee6e97d831a39
GET /oc-content/themes/autobilekas/images/logo.gif HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2013 10:33:12 GMT
Accept-Ranges: bytes
Content-Length: 11749
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/gif
www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-1.png
192.185.85.15200 OK 3.0 kB URL HTTP/1.1 www.dayspasa.co.za/oc-content/themes/autobilekas/images/spa-heading-1.png
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 220 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 263faa046336f66a9542e547582aec27
aef0f9e780c72b18305455d0629009112666c450
dc110ca3ff0bd5601e8f223e8df09f081102ea8f165f0e6fb1da68f94e43f03e
GET /oc-content/themes/autobilekas/images/spa-heading-1.png HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Sun, 01 Dec 2013 17:24:03 GMT
Accept-Ranges: bytes
Content-Length: 2970
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
157.240.200.14200 OK 573 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP 157.240.200.14:0
File type PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Hash d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/WmJr1_luoTx.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Mon, 11 Sep 2023 01:32:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: FrN5IboOztjv/XFOwUN2FekAAVOasfxtxc+QyoR/Cv4V8nvGLvU7vdwghQWgDFD2MIZGAXthlCKxLvf69/Cv3A==
priority: u=3,i
content-length: 573
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 03:18:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: AxuBRMeecTqjG7KRWPqbLid14yKdY3m8h2KqMlAi9Ts8Zer7pJ2yodNVaiI5ulOtBZKd+VnBPzEaOc8SX9rrgg==
content-length: 7236
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 15:48:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194200 OK 58 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (2903)
Hash bd90723d6fbf721c6ada54bc086cdd98
9ff1b686c6eec374ec0d482241576191fec586f1
2743089fd428cf7e5485c6d8b9f295deeed06e63402863cdd9ba5d9fd4b96b53
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 12 Sep 2022 15:48:57 GMT
Expires: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 6534537022934879953
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 57464
X-XSS-Protection: 0
www.dayspasa.co.za/favicon.ico
192.185.85.15200 OK 1.2 kB URL HTTP/1.1 www.dayspasa.co.za/favicon.ico
IP 192.185.85.15:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b2b2f6ca165f46161c2644b359451be
fb8b35b8c6f90d4f4089b62c52bc6ab42ba9799a
e38c59b2752a9c6068e2f722702577f4e318796d7d4d44b94425b1bdac032f40
GET /favicon.ico HTTP/1.1
Host: www.dayspasa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dayspasa.co.za/search/category,gauteng/sorder,i_price/iordertype,asc/ipage,1/
Cookie: osclass=fafpi20p4vkcjmmhp2tpebrpu5
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 15:48:57 GMT
Server: Apache
Last-Modified: Wed, 27 Nov 2013 11:02:01 GMT
Accept-Ranges: bytes
Content-Length: 1212
Cache-Control: max-age=604800
Expires: Mon, 19 Sep 2022 15:48:57 GMT
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220907/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Mon, 12 Sep 2022 14:24:36 GMT
expires: Mon, 26 Sep 2022 14:24:36 GMT
cache-control: public, max-age=1209600
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
age: 5061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8830622953633570&plah=www.dayspasa.co.za&bust=31069437
216.58.207.194200 OK 124 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8830622953633570&plah=www.dayspasa.co.za&bust=31069437
IP 216.58.207.194:0
File type ASCII text, with very long lines (4492)
Size 124 kB (124232 bytes)
Hash 7a9f06f7c56841acc6c0c1e06efeda07
f93fa405772db5a20a78a221367f789701f0f934
97f0c7dc1c1bf0711fb80146017fb332fa369e5b24f44524b87fafadba60e5e3
GET /pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8830622953633570&plah=www.dayspasa.co.za&bust=31069437 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 15:48:57 GMT
expires: Mon, 12 Sep 2022 15:48:57 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16229494878706718810
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 124232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.dayspasa.co.za
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.dayspasa.co.za
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.dayspasa.co.za HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 15:48:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.dayspasa.co.za&callback=_gfp_s_&client=ca-pub-8830622953633570
142.250.74.98200 OK 201 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.dayspasa.co.za&callback=_gfp_s_&client=ca-pub-8830622953633570
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash a04d3af148ec966cafbe0736a844b3ca
a9d334cac2e95090d6a2613c621833838514e8d0
40f6ea2328dcd2f408119847f75bc80470eb4108618746f0dc7b1b23e810c3bf
GET /gampad/cookie.js?domain=www.dayspasa.co.za&callback=_gfp_s_&client=ca-pub-8830622953633570 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 15:48:57 GMT
server: cafe
cache-control: private
content-length: 201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.dayspasa.co.za
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.dayspasa.co.za
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.dayspasa.co.za HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 15:48:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 52538aa2b7a37b16824f656228e83ce5
a7ba272eef977c3a2d7315b6ee092ad04566e5fa
8f5ea00528714ab8652d84df2682c33de9e62e541c4bbbc78d6ed82e14445451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3a03c878112c8ef85a7ed1cd100fbcb3
47491937066dc1e5d43a194ee32aa102166d0ba0
cbf573f248c8c192f9f81effe4ccce186b03e2094f8da66dd34e28e1eb9e62e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18142
Expires: Mon, 12 Sep 2022 20:51:20 GMT
Date: Mon, 12 Sep 2022 15:48:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18142
Expires: Mon, 12 Sep 2022 20:51:20 GMT
Date: Mon, 12 Sep 2022 15:48:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18142
Expires: Mon, 12 Sep 2022 20:51:20 GMT
Date: Mon, 12 Sep 2022 15:48:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18142
Expires: Mon, 12 Sep 2022 20:51:20 GMT
Date: Mon, 12 Sep 2022 15:48:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18142
Expires: Mon, 12 Sep 2022 20:51:20 GMT
Date: Mon, 12 Sep 2022 15:48:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 65227
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 12 Sep 2022 15:48:58 GMT
expires: Mon, 12 Sep 2022 15:48:58 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 30917
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash beca122055c554548ca6ef68a66a4e2e
cf5ec3650282d05c082eb0534f1b70a59f9f4bbe
a9cf7ef5dfb6a58c66bc29b2a280c2253e56a28ce317d8271273ddae2008d9d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9126
x-amzn-requestid: 86fd10d3-f2bb-4191-93b0-3a416000fd68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJHeGMqoAMFnwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5562-1f8b12e10d7212353f050f3f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WcMMN48JT7YRvUBGR6oAes5EwusRcdgrWT60xJffsOfsbkJ4_XyALg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 65227
etag: "cf5ec3650282d05c082eb0534f1b70a59f9f4bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 30073
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:14 GMT
age: 64844
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 42256
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:47:45 GMT
expires: Fri, 08 Sep 2023 07:47:45 GMT
cache-control: public, max-age=31536000
age: 374473
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 15:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash f1747bbede190ba85a535c56259725d2
70447d29082b79989d8ef4775fda847bcd43952f
642ad6ec083aba6ed8dcfba31df6eb2fe8f55a4df3a40ca931b6dd49473eb7a3
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dayspasa.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 12 Sep 2022 15:48:58 GMT
date: Mon, 12 Sep 2022 15:48:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-QC9DFWFbtXqpfFKmqDJeQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2