www.philippineairlines.com/covid-information-hub
13.107.238.53302 Found 0 B URL HTTP/1.1 www.philippineairlines.com/covid-information-hub
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /covid-information-hub HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://www.philippineairlines.com/covid-information-hub
X-Azure-Ref: 0KA3bYwAAAACnQ+pOIUu/Rpkdp4UrQI4RQ1BIMzBFREdFMDQxNQBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
Set-Cookie: ASLBSA=000380a400d6e46796fffc4ef252c56d795a9eb1562ae17a4e4443e369d8516f69fe; path=/
ASLBSACORS=000380a400d6e46796fffc4ef252c56d795a9eb1562ae17a4e4443e369d8516f69fe; samesite=none; path=/; secure
Date: Thu, 02 Feb 2023 01:08:56 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15053
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16119
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:43:26 GMT
content-type: application/json
age: 1531
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10250
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TMwLHiJkWx36K7aF71ItPv4tE51Eg8hxEGZc6HEMfZfofx3qwgP7hTyHrTztOr17xwwC44YzosQ=
x-amz-request-id: J2YRSQH8JVZAF8J4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:51:46 GMT
age: 1031
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:08:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 1192
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4976
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K/NSanI9pBTjvmqEtJFpNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fSDcbv99SgYN7DYgjK5f5pNYyM8=
www.philippineairlines.com/covid-information-hub
13.107.237.53200 OK 39 kB URL HTTP/2 www.philippineairlines.com/covid-information-hub
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51645), with CRLF line terminators
Hash 82842177da43124460d09270da12e12b
218169ce5187cb9db3f863986a68fc4a4fd6f2a5
df3d0547cfdab4eee8cf9b9d4c8d2b52367cab96441c21dcacfdb71db4f24092
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /covid-information-hub HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 38998
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: shell#lang=en; path=/; secure; SameSite=None
ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; path=/; secure; HttpOnly; SameSite=None
SC_ANALYTICS_GLOBAL_COOKIE=07ade321db3d494baae5062ee5136c7d|False; domain=dev.local; expires=Sun, 30-Jan-2033 01:08:57 GMT; path=/; secure; HttpOnly; SameSite=None
ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a;Path=/;HttpOnly;Secure;Domain=www.philippineairlines.com
ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.philippineairlines.com
ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; path=/; secure
ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; samesite=none; path=/; secure
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0KQ3bYwAAAAAbaWQcf+dSRZYNA8OOQREcQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:57 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/Styles/assets/js/lang.js?v=6
13.107.237.53200 OK 12 kB URL HTTP/2 www.philippineairlines.com/Styles/assets/js/lang.js?v=6
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 3035992c2baab07a285c44b5004efdad
6e272cca0a0bffc703d7300b0d495f8b7b7bc243
d1e8b14dadd2dfb46d45548f39613b18b817e8690085a3d1167427fa0071fa1b
GET /Styles/assets/js/lang.js?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 11969
content-type: application/x-javascript
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0r+zYYwAAAACtLLxPDk2MRaBL+wFlYAXPRlJBMjMxMDUwNDE4MDE5AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADwOZwyhJZKTbiXmS7Rqy2HQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6
13.107.237.53200 OK 519 kB URL HTTP/2 www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 519 kB (518671 bytes)
Hash 8178e219086010c64352581a50f1bbd7
cd85f6317e47e3c2035d3b32cccdae15d96166a2
942bff53d6a78b83fac0aca9a24dfa00ec32786e17e1354cacd5fcd98142a024
GET /Styles/assets/js/scripts.min.js?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0p9DaYwAAAACGnORNnmDWSIUbJcgKh+0PRlJBMjMxMDUwNDE3MDQ3AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAC+/NdeDjyuS5+EukvBJwuEQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/layouts/system/VisitorIdentification.js
13.107.237.53200 OK 883 B URL HTTP/2 www.philippineairlines.com/layouts/system/VisitorIdentification.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 9d2e1eaf43468fc656b5f9662dc4f046
f58463ad01f0864f1aec730340cfe3d3cba9692e
fa2f590c0214c829bb52b4e75ca197b36d59851d3a933e93aeffd4dd4d0cab5c
GET /layouts/system/VisitorIdentification.js HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 883
content-type: application/x-javascript
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 19:14:10 GMT
accept-ranges: bytes
etag: "0ed7a5e6afd71:0"
vary: Accept-Encoding
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACDf/YVpq57T4hrUXMdDa4KQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.philippineairlines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 496849
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.philippineairlines.com/-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6
13.107.237.53200 OK 1.3 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 120 x 40, 8-bit colormap, non-interlaced\012- data
Hash 2120ce1949f2273c3c227fc550a75091
a55a0a3ca8b9ab6b5098e0f4021546a61e8ecf3f
ea013a00748b1af25d8489fdf57ea6833fcdbf5d20553e830e289dcc7b7c4718
GET /-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1302
content-type: image/png
last-modified: Mon, 16 May 2022 07:12:12 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Apple store badge.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABzObRQoWxSTouIQ7Gm0AR7Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3
13.107.237.53200 OK 6.8 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6826)
Hash a7e7afdb5f4e47eeaaef7957238440cc
6c5321821768079c949a917b957bf7b03a9eaaad
5c741ded6070d53fe180b6b0ce319f37956c1e2dd4aa2a203124637ade6a1009
GET /-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 6827
content-type: image/svg+xml
last-modified: Fri, 20 May 2022 02:48:40 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="logo.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABC23Rh3p53QL/OvOq4CmgqQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 11641
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 11116
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 10041
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFS3n1VPoHesu6OC4w3L5ygNtVOxAL2EyfIZG-S26x8m9GFKdJpHpA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 11317
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pwsRzGhqa83gc7xjxWBwpPFEmiVKLY3_YKm1OuRbKgXPyvOSzRtoZQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 11317
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MwPmKlNm1j7hqbrlEgxAlfu0gQQNhnkrHnL-YABUr7P8_oFaoFDgFA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:37 GMT
age: 11302
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115
13.107.237.53200 OK 439 B URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (438)
Hash d4496f00ba0fa899abf38cbf0869e976
9e5d81ebec1a390eeee46c19cae0acac583294e2
f5e90c0a1e0307344a8e4b405bfb88a30f91ce591687e2ab3a55a72795c7e323
GET /-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 439
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:12:27 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Facebook.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADKiIFJC8p+TpDk51os6sV+Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3
13.107.237.53200 OK 11 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1364 x 1022, 8-bit colormap, non-interlaced\012- data
Hash de2b0788f6c1e625aa829da24fcb8c8a
51bd7242efb51f9c888ab3796924b41a1ee5907e
f202c097e42c98c1a387ee6a586108adcf8c10503959315b5a794b8019a0971b
GET /-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 11042
content-type: image/png
last-modified: Tue, 13 Sep 2022 02:30:29 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="mc_idcheck_vrt_rgb_rev.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACv8Fb1x10XTJ94wWS3EvqQQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080
13.107.237.53200 OK 4.7 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 188 x 110, 8-bit colormap, non-interlaced\012- data
Hash 87e128556ec309e4c2b44a709708b503
8929d13bc9af15ec42169c9726b85ce54c69a5ab
917a1d5202d53b9e31f98e561274bef1943290079cd73aa4b33bb5a7b555417f
GET /-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 4731
content-type: image/png
last-modified: Tue, 13 Sep 2022 02:01:18 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="JSecure.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAAD1WNAWroESJGq/x9Q4SVZQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript
13.107.237.53200 OK 952 B URL HTTP/2 www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (386), with CRLF line terminators
Hash d5d4431ce0403134bab5513dc4277704
d837b07f466ee39ab74caa214d627e0200a09382
0c49904ae37968c90b54f172404e7b2f5b4603f3e62ade4a0522447665562099
GET /api/pagecontent/GetFeedbackSurveyScript HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 952
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: SC_ANALYTICS_GLOBAL_COOKIE=07ade321db3d494baae5062ee5136c7d|False; domain=dev.local; expires=Sun, 30-Jan-2033 01:08:58 GMT; path=/; secure; HttpOnly; SameSite=None
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABD2wFGvU1bT7ARzl6xJWoBQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E
13.107.237.53200 OK 8.3 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 542 x 367, 8-bit colormap, non-interlaced\012- data
Hash bf44bee38941f943a75d186efc7f4ee6
95943c2dde8fe8ac40fca4932c34f361c7df2aea
986cb6974df732384d2c4b989b6ecb0a377186e0cc73f638d5ae61c51d30334b
GET /-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 8294
content-type: image/png
last-modified: Fri, 24 Jun 2022 04:24:29 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="ComplianceBadge-PCIDSS.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADp1X8OhjwHTaE/JgSF4MOXQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503
13.107.237.53200 OK 691 B URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (690)
Hash 90ef8a8add3bc60c6592cc14d4cd14cc
18ad19cef7848bafdf4f922f173ec542160b4708
d4686856c8105f53f9b56d7a3c831fa0adda46ebe6bf0856746178f7205bc2d1
GET /-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 691
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:13:09 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Twitter.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAAOv6emIkK0TYJuyVhlG8dvQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF
13.107.237.53200 OK 6.6 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6614)
Hash 7296c2e915b1d0949d3a24e48a87ea44
f460fc97b5f5b0267a1ca601cb977b08da1cf4cb
af4db5ca5fb2e168de853e50988608941d29fc001e47be36834bbebcfd6e6772
GET /-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 6615
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 06:29:08 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="logo-white.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAANO5dB3mZLRbQqrUrSsLk0Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D
13.107.237.53200 OK 11 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 937 x 338, 8-bit colormap, non-interlaced\012- data
Hash 665ef66ad59ed830f8368011ecba3c4e
0bc6e86b269eb8b20fc56d3647167685ec5c4400
0f695be467396915c66bfa1cd008b1765b16c1a318e4ccbec393f37ca29e780c
GET /-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 11058
content-type: image/png
last-modified: Tue, 13 Sep 2022 03:28:33 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="SafeKey_Alt_rgb_reverse.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAD4k/jMLV+1TaAaZaB3evs7Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B
13.107.237.53200 OK 1.4 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1446)
Hash 0280d3ab992044f118e077b3297c535e
f47f793569999189300b5ee0fb8634d4dbe51e1b
561684d3623a36f22dff5817db551755c23bad4bd9c70e381b95109ba9e83f3b
GET /-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1447
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:12:55 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Instagram.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABzHyyA4AbcTKYJhiyUIYvrQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD
13.107.237.53200 OK 4.4 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 198 x 198, 8-bit colormap, non-interlaced\012- data
Hash 2fcb76a9d2b25318a6baa175714799d0
4d9832bfe323f9f6b460a3add953d7f06c926ba4
693ff8394c22630a47cf4428c5a076fae6cc72fa5720f7751cefc9aa46aebabd
GET /-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 4389
content-type: image/png
last-modified: Tue, 13 Sep 2022 03:36:04 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="visa-secure_blk_dkbg.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACVUfQv4XHGQqTj4pfRoJgiQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4
13.107.237.53200 OK 1.9 kB URL HTTP/2 www.philippineairlines.com/-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1891)
Hash 4c5944f362e4513b118a088e722a3012
d8aa3269f3a4e248e06032c0e2c7cc615ee816f2
83c189d5981d35eb725cee7d7e0fdbd4d736c0472ac4db87f25fd8ecdc8635a6
GET /-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1892
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:13:24 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Youtube.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACYHxtqmpeERpkYP2u6OhMtQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6
13.107.237.53200 OK 104 kB URL HTTP/2 www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 104 kB (103777 bytes)
Hash afe17aebdc1f13a1c74afe7e7f8e234b
6bbc66ba346baacd0f6a01c493efd9b0d4a6ea67
d4d3a093e4089b66166abfdb42f33b7ef39c6b4cba3c9864b464ebf51f6fb384
GET /Styles/assets/css/styles.min.css?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0zPzaYwAAAAC/WXkMdr74RZbbo6O49QtfRlJBMjMxMDUwNDE3MDMzAGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADMFuIUjZZMS4aeoQxiNuXoQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC
13.107.237.53200 OK 17 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 08c559d543578c83e6cdbb5437a5c37d
2d83400beef24c849d202a640a97a6ced6d0d1fe
4a1c606ca51eabdb6c4f481ea6b32d16744c69e0f2ca0604d83454e8fd16f41b
GET /-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17095
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:21:50 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="travel_rules_req_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABmGuUA5NH4TLi83wrCp23HQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773
13.107.237.53200 OK 18 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 92be4dd98f20c952d659d7289f71fc80
bcb35410ab0a776057abbbb05e60a2bc9cf7991e
59cac238842a7e5d0ff03e4b06784da2aa13e3aecf92528931ab68da9ec6013a
GET /-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17600
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:21:58 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="safety_measure_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACqj31MylZAR6JD4RuM1v1IQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2
13.107.237.53200 OK 18 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash f44233206ba8bfc6879eefa2d0212121
1026625e2628cba36c2377adb39272c1772e7722
868502d7c0676c9631d3cb98ad165fa34a30cbefd6c7d7a6721eb7a1ad6addf7
GET /-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 18001
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:22:31 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="latest_flight_update_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAC98xPfxKvMQbIOVzBT8GPGQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B
13.107.237.53200 OK 18 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 59269397c645c2331d8fa5aa77922c8a
f4d66f97264f7b101297adb07477eb52ac746291
1790b5a1cb0132562ae5abfa6e8b5b19a15955595d740746a557fca0f2da1dfa
GET /-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 18283
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:20:59 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="passenger_options_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACPewSmLeSPToYF+l5qx7gJQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43
13.107.237.53200 OK 17 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash ae043774ce1f414048e4e97324e09269
c04edff8eb0a7eb8e7a684c72dd8d3c1c4510f53
9fe1fbfa4b2a600adacaa3ee08a82830be1c2c6466fcda8b2edecf5b565e8fff
GET /-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17019
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:22:13 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="myPAL_Request_Hub_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAASgno2F4Z1TbwCq8OR9THUQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TM66BB
142.250.74.168200 OK 96 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TM66BB
IP 142.250.74.168:0
File type ASCII text, with very long lines (43069)
Hash c2cdc4b06fd401be3c968bfda90efc16
d219aa21630d2acd24bc5e2ee9ff92773d8573dc
28f6271f675bfe9589223602ebf7a359818e169a728ffb64152d153d4216d352
GET /gtm.js?id=GTM-TM66BB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4
13.107.237.53200 OK 363 kB URL HTTP/2 www.philippineairlines.com/-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1440 x 600, 8-bit colormap, non-interlaced\012- data
Size 363 kB (363002 bytes)
Hash c2ba2f78e65101fc042753ae6a1623cb
ff290ce7e8f4d3531eef49c9ae0e3e55cdde5021
dfdac784e2d2470e2f7ebe9ad04a429b65a8bbb88f838e7d05cb9e6942c3ac04
GET /-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 363002
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:13:11 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Covid Information Hub Parent Hero 1440x600.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACpNCnOLde3ToKO70ONbATcQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC
13.107.237.53200 OK 22 kB URL HTTP/2 www.philippineairlines.com/-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash 33b1640402f492863ae1c3a9dca0ca94
0c836a5a9360dab76bc7aefafe1728c34b74e927
66612c9263ec41d0ebac9712a2e569dd14b33b7a303501821e9d92e39e7ccf6a
GET /-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 21908
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:38 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step3_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABr47cADaKrQ52O/YPeMg5pQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F
13.107.237.53200 OK 23 kB URL HTTP/2 www.philippineairlines.com/-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash 38167b9ebd870aea0deb3f31f000009c
fb87a753599ec0c79773a905abee9dcb00421d8e
bbd66c272b5dc764be49ba2d8290f00d507fa933f33bba590cdfd210a3181082
GET /-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22819
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:39 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step2_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAB5v0M8AeXcQoIaCQcNyj4kQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90
13.107.237.53200 OK 23 kB URL HTTP/2 www.philippineairlines.com/-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b4e00032983902b426e2d06ee9eb9bd5
4d9989e3897cfcd1efff9345fe46dee5a9194aa3
e59a9b42aa5d270f9fb92ad2b722335f5e38f74e49dbf66c4fddfacc52ceeda0
GET /-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22640
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:38 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step4_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAA88g3Ml1k9R5zAFKim6QvNQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93
13.107.237.53200 OK 22 kB URL HTTP/2 www.philippineairlines.com/-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash 08897a9d24c55a40e46651596fa70bc9
785993c3bf359dd3b3fc913e727e462d4d40fb2b
384e5f53fd03b0bdf14528e822c150ec92e82f4c847a124b324b7736106ac5fb
GET /-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22418
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:39 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step1_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAB9yjKP7KdJSKSiaH8mUqwOQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 91cb883d8b1960a5932c4a6043ac0292
318f35ac355d3c9101fcb1238fa77dda41bdd50b
1c81340a644de65ffe4bc29f69c0feb33d350d4f41b25e36e69067af56fb4399
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: max-age=128010
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Etag: "63da4d81-1d7"
Expires: Fri, 03 Feb 2023 12:42:29 GMT
Last-Modified: Wed, 01 Feb 2023 11:31:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (3642)
Hash 2717953c2c1ac6d9bb4236d2be825223
94b5c1e0141892c3383bce83ba9ecf4ccd282703
e074156a97d815009052f9c4d3854710fc9e99ba2676966b93462e44d71c636a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14040910960756232145
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
8479206.fls.doubleclick.net/activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub?
142.250.74.134200 OK 260 B URL HTTP/2 8479206.fls.doubleclick.net/activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (510), with no line terminators
Hash ea0631cd00670132fca82808c9b0bd08
2eb73ad51f3ee0d48be12fa576dace2ed04a068c
5029fa98a38b0be38ef7577feccd6bd4a3abc10802fe034b9ec0b0616c454bf0
GET /activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub? HTTP/1.1
Host: 8479206.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 260
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:23:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4
13.107.237.53200 OK 2.8 kB URL HTTP/2 www.philippineairlines.com/-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 89851349509dccf351273c8ef4d18fd2
eb5be9354da1f378bab3264eaf014632bc9242c3
f0bdda8e11eb7bde8e8b884ad60022e72d22e34ad20fbb43281519a82a5ef49f
GET /-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 2809
content-type: image/png
last-modified: Thu, 20 Oct 2022 20:46:03 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="apple-touch-icon.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kw3bYwAAAADR7sBq9SbaQZB5Qs0l4dYtQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
www.philippineairlines.com/-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1
13.107.237.53200 OK 1.2 kB URL HTTP/2 www.philippineairlines.com/-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b1373dd0f7e841b43928415d206426c8
5a9c2956322926fae81176b32b94c505c00faff3
835c18d973fd2f775ae405c1eb11153e7a12b36188fa402ec267f92ee265a677
GET /-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1150
content-type: image/png
last-modified: Thu, 20 Oct 2022 20:44:53 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="favicon.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kw3bYwAAAAAy5kZpxnjJSZjc795EobFOQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
142.250.74.162200 OK 259 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (509), with no line terminators
Hash f7a1df22e1814e7b93040856a85cef55
6f87ae0c7b3db0f4f8497ceee06fdb7c3e784454
cc975c83b3c5af16c45374263421a083f53d2e11499f22c531ae5d7b6503e816
GET /ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8479206.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq
95.101.10.113200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2725)
Hash eafd6426a76017160907dbb3284bf563
5c11ca7cd8892c8aec240dcbc40832573709274c
30b6171e6fcf3d2a14338f721ca1395b30fdfe58e420d7772ed149eddcdf4f0b
GET /i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202302020108591CE63CD4ABA7C6DBEA11
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bb4ebeeb5813437b07910aa25176a72488c81237c0bac42b32a7c059adfa62d9c7b5a23374fa3dbed1d09e95a894f00136c2f1b7907adbf64312dac7bb80b1a37474db13d7e4b0b56265da9c940f486aa
content-encoding: gzip
content-length: 1334
x-origin-response-time: 90,23.217.116.143
x-akamai-request-id: bf9a1124.4e561238
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-217-116-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=90, inner; dur=3
x-parent-response-time: 180,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
95.101.10.113200 OK 70 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 0ee951646422f4b1d0ba6bf1341c86e4
7c47b7ca2a0fe31278d5d46a15439bbaa73f5112
7468187adc69bb54e683428598fb1d15368c9a72cfee467fcd217e0a575f2a4c
GET /i18n/pixel/static/main.MWE2YWY2YTgzMQ.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175846C1594C909FD799AD743C
x-tt-trace-host: 01017a36535d16b01285413ef1c76fec440ee96c163840ba7b09f8be7849df9a3182eb32fd2dc99b4ee04181ce8ced2ac57f59ec3d3f4d224d1f2e04490b852e05195e15f26c44615f8c4113ead1bb47c8afe1f7083a2419bfe87288a4d0ddc6c0
content-encoding: gzip
content-length: 70494
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 4e561283
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
95.101.10.113200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e35cd3aeb48075134b13d5d593e609af
b967aced0b33616a54a9b7d5d3d092f28b9cca81
e25f7cb45c4d46dc9ebcf4cbe5209c87765cb94c15384780899eee7d888273e6
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825795F92399DF9E7BC6845
x-tt-trace-host: 01213c9428e1dc2e706424a5e4830ae2753a9403fe7ed2020932fc61a3c47c96784adda24a6c56428140d39df42ee71252f6133830581f45dad09e0f84f6c427e5570f8f5241c1349d3294ee56c52eab748dbda5cfd0ecad2a022e79233890d27b
content-encoding: gzip
content-length: 30930
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 4e5612a9
X-Firefox-Spdy: h2
p.teads.tv/teads-fellow.js
184.24.45.54200 OK 6.4 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 184.24.45.54:0
File type ASCII text, with very long lines (19888), with no line terminators
Hash b6e227013e992031893f2833d1df522e
c6d55aba6762513c8a1eb320131cf46cfa932b4a
6338003a70f047fd7a382e87160754ab69d62edb039da75b4bfb331d16b20c71
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xF2gWBPKutS2wnnZwWF/35ZjFk7E1e5SSffe2FSsvhMTpSoOhoGgP0jqfLhv8xz5SCfgv4jvB5M=
x-amz-request-id: 3JANA7M6B1C14HR7
Last-Modified: Mon, 23 Jan 2023 13:03:00 GMT
ETag: "52a95d12f789e4537934e239a8adddcb"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=537
Date: Thu, 02 Feb 2023 01:08:59 GMT
Content-Length: 6419
Connection: keep-alive
js-agent.newrelic.com/859.95d4308d-1222.js
151.101.66.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/859.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (6657), with no line terminators
Hash 364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b
GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:08:59 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 626
x-timer: S1675300140.993726,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 23:44:08 GMT
expires: Thu, 02 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 5092
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:40:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4
142.250.74.162200 OK 911 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1993), with no line terminators
Hash d0fa049b6654d45dad4fbc0735eabac4
d696e1fadf037186bbe61e7f115d4f2b83b8db04
f8ec4cc6a87da60f525c8920f4e5bd3e094cd3191d23b9ea9453cfeb3d8d4780
GET /pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 911
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30840175a6c3108eeb657082dccbc8f7
18b29ac8f85bed81d2fcfaabd668c1ab668217ef
432fc47e2d4f61bb0f959ce139ddd0841a358eb1e4e374a97a607b1a4b487d68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:27:05 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4
142.250.74.162200 OK 880 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1865), with no line terminators
Hash 8205b831d81082d3c5de8310c37863aa
40c0ee214f74d941d81e0fa3fe019fd9c547d140
b4458b01e92f103149be179806be14b481603d88e8a5b9e725426a227fde08d9
GET /pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 880
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.113200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 797
Origin: null
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230202010859BFEFF3923C513B05CB3C
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bb4b615e8dde47d954d065cc4ac0b10467822a2c0d3ed4cfabd165f9f0da006d89cf2449af2d55c5a30dd38a22780b648b60764321e54af466f4d296eab623a1e87fc162bdb8ec797f1f134886e7fcca3
x-origin-response-time: 71,23.217.116.151
x-akamai-request-id: 3d488d0.4e5612b7
expires: Thu, 02 Feb 2023 01:09:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 02 Feb 2023 01:09:00 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=71, inner; dur=20
x-parent-response-time: 162,95.101.10.109
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e4ef294e427dbd856853cbc0d4c663
062b9217afb6a661a4e71598d919d0baadc41143
ba5e7d77b810caf885ae1ebdc1d464e397e08445e1cbac0a8b6665d5624e291b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: max-age=153120
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63daaa43-1d7"
Expires: Fri, 03 Feb 2023 19:41:00 GMT
Last-Modified: Wed, 01 Feb 2023 18:06:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 597ubMJZ1JHzmhJlkyP9Dk8Mz6OHX2mgfPXV067TuFWBN9yXF06LVqqf7wDSTZMGP3c/B2TXuqvuH3waZMOV4g==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 01:09:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid=
107.178.244.119200 OK 689 B URL HTTP/2 beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid=
IP 107.178.244.119:0
Hash 2d17da5121c78d4da0a00c7fba2d7e17
d68c18902dc23cf15f3ca52d8fe67b1eb6e21284
45e690c13829dfa531e7890cb62fb7a98699f64bda912a79c940ed3be0376164
GET /pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid= HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=f27b235c-8352-78d1-fc19-c9ce87e7a88e#1675900800000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:09:00 GMT
content-length: 689
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:57:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30840175a6c3108eeb657082dccbc8f7
18b29ac8f85bed81d2fcfaabd668c1ab668217ef
432fc47e2d4f61bb0f959ce139ddd0841a358eb1e4e374a97a607b1a4b487d68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6044
Cache-Control: max-age=144877
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63da887d-1d7"
Expires: Fri, 03 Feb 2023 17:23:37 GMT
Last-Modified: Wed, 01 Feb 2023 15:42:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925
64.233.162.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925
IP 64.233.162.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.philippineairlines.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EZ0JCH24VV>m=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EZ0JCH24VV>m=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EZ0JCH24VV>m=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-agent.newrelic.com/569.95d4308d-1222.js
151.101.66.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/569.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (7513), with no line terminators
Hash 8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d
GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 611
x-timer: S1675300140.251646,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2
js-agent.newrelic.com/620.95d4308d-1222.js
151.101.66.137200 OK 1.3 kB URL HTTP/2 js-agent.newrelic.com/620.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (2989), with no line terminators
Hash 7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f
GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 162705
x-timer: S1675300140.251759,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2
js-agent.newrelic.com/457.95d4308d-1222.js
151.101.66.137200 OK 2.0 kB URL HTTP/2 js-agent.newrelic.com/457.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (4809), with no line terminators
Hash 09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046
GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 610
x-timer: S1675300140.252178,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2
js-agent.newrelic.com/41.95d4308d-1222.js
151.101.66.137200 OK 439 B URL HTTP/2 js-agent.newrelic.com/41.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544
GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 619
x-timer: S1675300140.252409,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2
js-agent.newrelic.com/244.95d4308d-1222.js
151.101.66.137200 OK 2.6 kB URL HTTP/2 js-agent.newrelic.com/244.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (6871), with no line terminators
Hash f3fa38d9e10cf246f158644ebd64b342
c2730a8b130475b903b30148ea5cf79eb7de1873
6aea0ff08f0ed145b42d52f81d167df30a300f3da22b687fa2de3be48df1badb
GET /244.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HqAuLbtc4kLXjp/HM/sZyPqsDbRk1eMZXQl1gAv0l9/yRrGf//JiuVcahDTT5bis4NqiPxfG4OQ=
x-amz-request-id: D866GB1QGPTYVJ4R
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "a24fd7e602a6b44ab4c03cab69c843c6"
x-amz-version-id: wm7C04ehQ1WMJgMW5R_.Vg0x6NJINoji
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 437
x-timer: S1675300140.252597,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2607
X-Firefox-Spdy: h2
js-agent.newrelic.com/736.95d4308d-1222.js
151.101.66.137200 OK 2.1 kB URL HTTP/2 js-agent.newrelic.com/736.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (4688), with no line terminators
Hash a0dd1bd64e5912ed2b69ab00c181333c
9f4001e3f6c7fd3105972022cde6a67638ba8083
2ea47cc022696e899accbc531bbb7e3abc01f1598cedaa9f23e071d47ee510a0
GET /736.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: wZ5lT7Qk1E9hmsxWDncLcs+Ic+aBtWHWGPUcVxaeVym/k+6uixaPTXfOiP+keWUZ+GKP0xL2SDo=
x-amz-request-id: MFESCF9VXQC5P35J
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "def1dc24974c16a4e78c08e349b92860"
x-amz-version-id: i.8rfLhEckzO44oBXwNAK9an0lbXu.5p
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 436
x-timer: S1675300140.252802,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2132
X-Firefox-Spdy: h2
js-agent.newrelic.com/142.95d4308d-1222.js
151.101.66.137200 OK 880 B URL HTTP/2 js-agent.newrelic.com/142.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (2014), with no line terminators
Hash c962fb555005bf74b5010cd5c748c721
5c7c22b348a994aad18e8162bb1f78b9fd49c491
077c18d946bf505b4efe75b1b3c3d9c6b3ad6af3e5b5d08a41fedf7aceb84233
GET /142.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /ZtX43ynOvSaYlrJ/LhlDymHqsr4/Ext49IQ1RQZxLK2MPDMHv59yC5Li6+9oNRuTnKxUqkvJhI=
x-amz-request-id: MFEMFHWSJ1CY7RPR
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "082c9f0a95ce6870ed4d9266fa0e41e5"
x-amz-version-id: ed_.QNbbUDaLQJRSZtC0TghsoJcp2gVk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 435
x-timer: S1675300140.253012,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 880
X-Firefox-Spdy: h2
js-agent.newrelic.com/466.95d4308d-1222.js
151.101.66.137200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/466.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (6842), with no line terminators
Hash 0545743760ba9995e8efbe879105162f
889887ac56edaf2cfe41752ec0893a9ac5d23db0
91a431e85d69e797b8a8817bb15aee94a9fbe38355a6890f75e8947a55386ee0
GET /466.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Y3xfvlvSw36CE9GOKklvJeG0iBkCsl/ss+e4vNwZhrKvjIdjtQLayCw3yQPVxbIyEllIzLdCgUw=
x-amz-request-id: MFEHC9QF926X2AZG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "2b339e4b3b0435de10496ee00de8446a"
x-amz-version-id: joCLqMlafBXUuB094SKQ5Jhlrbz7F.ON
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 439
x-timer: S1675300140.253826,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2
js-agent.newrelic.com/885.95d4308d-1222.js
151.101.66.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/885.95d4308d-1222.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (16348), with no line terminators
Hash 2414f7dbfd0e2cb3d826fc02a8b608dc
550db9b7abbcd2e5a0d4ab9c414933e1a0bd36fc
8239519b8bff793ad186f4ab9017f8a6ed34edc1df3361958075077ee7677b3d
GET /885.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: iuZsFv406u1sMvs0ma20vGvuMApZWTFFZj+faC5P7Ry157RP7v+m+H8/pYueXH7fkGpYpHbtGFk=
x-amz-request-id: 99ZMGE3ZKMAWH9CW
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "fb9bb822463bccec4200657d3ae33dc0"
x-amz-version-id: PKmhKUoshrjILDxYc6QEKM_sGJ.F4FNB
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 356
x-timer: S1675300140.257942,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5930
X-Firefox-Spdy: h2
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723
184.24.45.54200 OK 145 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723
IP 184.24.45.54:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 51ffab2dae01f73351cdd777ad5a9b55
eb1d559ccc3091981b5bd0938614e512c96f0acb
a15a6cdd68a35a2e623ac841e4f41e53d34fed52bdabcd03535f3c56291db747
GET /v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 145
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.philippineairlines.com
Observe-Browsing-Topics: ?1
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 02 Feb 2023 01:09:00 GMT
Connection: keep-alive
Set-Cookie: ar_debug=1; Path=/; HttpOnly; Secure; SameSite=None
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh
142.250.74.66302 Found 305 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 57c358e5a2df21c88b1ccbade98ad05b
8950d16cb78f99a451e0618f1f597a52be7d63ab
5883727a273a80396cd6bdb12e5c9b6ba1465a6df00e756f8a47d633c8fc2961
GET /pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh&google_tc=
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151
142.250.74.66302 Found 461 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 06c82b053a1020475d245cf0ee06c5c2
3ecd7dbbf6575b3bf15a24a82592b7160c588b6b
b93d556dbcd29efafc8670e05ce8cba944e860019a42db0182e4e4e64b5b7230
GET /pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151&google_tc=
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 24950356b9ba22c68c8329ac11676acb
717cd8246b76be38b1724f4e5bf94a9882753dc0
2ab90289346a1cc74365abc23a68dd955a7dae484ce60d1af941d32f11deb15e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:05:06 GMT
ETag: "717cd8246b76be38b1724f4e5bf94a9882753dc0"
Last-Modified: Wed, 01 Feb 2023 22:05:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3023
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f09f55ac90afe-OSL
ad.doubleclick.net/ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
142.250.74.166302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
IP 142.250.74.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
AN-X-Request-Uuid: aa5a12fa-0168-470a-9e87-5af646f0c985
Set-Cookie: uuid2=7310102132013593313; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 01:09:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9
2.18.173.43200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9
IP 2.18.173.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9 HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 02 Feb 2023 01:09:00 GMT
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EKEBBgGZKAISAYWaqA2e6bRu; expires=Wed, 03-May-2023 01:09:00 GMT; path=/; domain=.quantserve.com
mc=63db0d2c-84175-4aef8-87bf4; expires=Mon, 04-Mar-2024 01:09:00 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
37.252.172.123302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
AN-X-Request-Uuid: 10c70991-70cd-4753-a2a5-b63d3d6fd10d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1754058a09fa4d4bbf93d1f4920581d5
1d74b1487c2fb5fad94274e1752d6f58cec50f15
d02645f2c58085bffee957f746009c8a7aa3d20a28a4f3f909c8de8f5d174b50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5085
Cache-Control: max-age=121215
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63da2fce-1d7"
Expires: Fri, 03 Feb 2023 10:49:15 GMT
Last-Modified: Wed, 01 Feb 2023 09:24:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken
185.221.85.3200 OK 77 B URL HTTP/1.1 bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken
IP 185.221.85.3:0
ASN #206998 New Relic International Limited
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 792f09f6c9902d74-ARN
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtAJK9t9UiGaYK8YgEbSSxcKNeOp6aAoCeF7zB0RYniP94A5I4m9BvjI6FxUf1CB9C2vo3aezfGestYSGD6Yn%2BgxsaA2Q5X9EhxVgK%2BK5xSf0llyge15%2F7JXkWUyuRmS6KBIwWx8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.eu01.nr-data.net/events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub
185.221.85.3200 OK 24 B URL HTTP/1.1 bam.eu01.nr-data.net/events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub
IP 185.221.85.3:0
ASN #206998 New Relic International Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 193
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 792f09f789dd2d74-ARN
Access-Control-Allow-Origin: https://www.philippineairlines.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-envoy-upstream-service-time: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLpLn8pIf9zaxJSkKkpwQOGj%2BB0%2B7KJxqeIXbIkvIxAJbC2wAsGcYYsC2%2FN%2B2zPrrpUGYZ%2Flnym4S%2BJXL2xW4lKWl1oSgdxHOMnN1gVYXOtl0T7oGAp%2BdTl%2Ba4xItDQrXrUK724o"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
www.facebook.com/tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 02 Feb 2023 01:09:00 GMT
X-Firefox-Spdy: h2
s.yimg.jp/images/listing/tool/cv/conversion.js
183.79.249.124200 OK 2.1 kB URL HTTP/2 s.yimg.jp/images/listing/tool/cv/conversion.js
IP 183.79.249.124:0
File type ASCII text, with very long lines (5916), with no line terminators
Hash 7f0c66912062f79b500f784ef684772c
593e742f13af825a35b6f53a31ff9c7f657e1577
a2fa9e94110a358da7f9597072da76a107b72ef8700a7626a21cbbb216d51bdf
GET /images/listing/tool/cv/conversion.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 02 Feb 2023 01:04:58 GMT
vary: Accept-Encoding
last-modified: Tue, 25 Jan 2022 16:25:04 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
age: 243
content-length: 2140
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
ssocsp.cybertrust.ne.jp/OcspServer
153.127.216.172200 OK 1.5 kB URL HTTP/1.1 ssocsp.cybertrust.ne.jp/OcspServer
IP 153.127.216.172:0
ASN #7684 SAKURA Internet Inc.
Hash 4f9f1be787715c2272274518a5bf82c8
a0f97dc8afa81ee4a201e7a1d54ad3c7d698d11e
9d17fa60d599369d30a009e86fc7586bb6582ba8342a7d05d3ba60d0a2b9cb1a
POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 01:09:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2
ssocsp.cybertrust.ne.jp/OcspServer
153.127.216.172200 OK 1.5 kB URL HTTP/1.1 ssocsp.cybertrust.ne.jp/OcspServer
IP 153.127.216.172:0
ASN #7684 SAKURA Internet Inc.
Hash 4f9f1be787715c2272274518a5bf82c8
a0f97dc8afa81ee4a201e7a1d54ad3c7d698d11e
9d17fa60d599369d30a009e86fc7586bb6582ba8342a7d05d3ba60d0a2b9cb1a
POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 01:09:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2
b91.yahoo.co.jp/pagead/conversion_async.js
182.22.30.220403 Forbidden 14 kB URL HTTP/1.1 b91.yahoo.co.jp/pagead/conversion_async.js
IP 182.22.30.220:0
ASN #23816 Yahoo Japan Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /pagead/conversion_async.js HTTP/1.1
Host: b91.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Date: Thu, 02 Feb 2023 01:09:03 GMT
Connection: close
Server: ATS
X-Z-Chihaya: r=1
X-Frame-Options: SAMEORIGIN
Content-Length: 14275
Content-Type: text/html
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hhd99jugAUeT4SMDkgOSFkc9q5jWXE0qAq51OVq8ct4juyFrYH0IhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:23:30 GMT
age: 63935
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.philippineairlines.com/Styles/assets/fonts/icon-tiger-pal.ttf
13.107.237.53200 OK 0 B URL HTTP/2 www.philippineairlines.com/Styles/assets/fonts/icon-tiger-pal.ttf
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /Styles/assets/fonts/icon-tiger-pal.ttf HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-encoding: br
last-modified: Sat, 21 Jan 2023 12:10:04 GMT
accept-ranges: bytes
etag: "0f63d4b912dd91:0"
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0hpraYwAAAADi2IaqlxohQqc3bqb1h0GCRlJBMjMxMDUwNDE3MDA5AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAASFuzKfyL4T6f85w5zQEHWQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap
IP 142.250.74.74:0
GET /css2?family=Montserrat:wght@400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 01:08:58 GMT
date: Thu, 02 Feb 2023 01:08:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5
104.17.208.240200 OK 0 B URL HTTP/2 zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5
IP 104.17.208.240:0
GET /SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5 HTTP/1.1
Host: zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 792f09ef5f4d1c0a-OSL
access-control-allow-origin: *
age: 96788
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-EiZS7hB0asQ8MIR6VQPd7bkaysI"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "j4o3/UzQJzEULY/aoGayAw=="
expires: Thu, 09 Feb 2023 01:09:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com
IP 104.17.208.240:0
GET /dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: application/javascript
cf-ray: 792f09ef8f571c0a-OSL
access-control-allow-origin: *
age: 89493
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"fcba-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=64698
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 134
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 792f09f00f6a1c0a-OSL
access-control-allow-origin: https://www.philippineairlines.com
cache-control: must-revalidate, max-age=300
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 1ed48f79d0635685
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js
65.9.44.113200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js
IP 65.9.44.113:0
GET /rules-p-mGmUBQ3MT3uua.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 02:56:54 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Thu, 02 Feb 2023 01:09:00 GMT
cache-control: max-age=3600
etag: W/"97210bc5f59500202c11a50312b5e7d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: i3rdCLXa2_wm7NEqR7JIWpMoEFsCPNcooj68bFxN80rXAG8e_ffzVg==
age: 1332
X-Firefox-Spdy: h2