Report - www.philippineairlines.com/covid-information-hub

Report Overview

Submitted URL
www.philippineairlines.com/covid-information-hub
IP
13.107.237.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-02-02 01:09:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.163.1.35
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.5 kB	11 kB	142.250.74.131
bam.eu01.nr-data.net	9782	2018-05-17T14:36:00Z	2023-03-13T05:25:19Z	1.5 kB	1.7 kB	185.221.85.3
rules.quantcount.com	877	2018-06-15T17:43:28Z	2023-03-13T05:20:58Z	345 B	650 B	65.9.44.113
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	71 kB	34.120.237.76
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	361 B	1.9 kB	104.18.20.226
ssocsp.cybertrust.ne.jp	21077	2019-10-07T09:21:25Z	2023-03-13T05:10:21Z	714 B	3.3 kB	153.127.216.172
zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com	579585	2019-11-22T07:54:03Z	2023-03-02T23:12:38Z	394 B	778 B	104.17.208.240
b91.yahoo.co.jp	29922	2012-10-25T07:59:47Z	2023-03-13T07:39:30Z	342 B	14 kB	182.22.30.220
www.philippineairlines.com	257030	2014-06-08T12:57:25Z	2023-03-12T07:27:39Z	28 kB	1.3 MB	13.107.238.53
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	345 B	97 kB	142.250.74.168
p.teads.tv	7153	2018-04-24T09:32:24Z	2023-03-13T06:35:05Z	326 B	6.9 kB	184.24.45.54
cm.g.doubleclick.net	202	2012-05-22T11:58:28Z	2023-03-13T08:33:33Z	944 B	2.5 kB	142.250.74.66
match.adsrvr.org	349	2012-05-21T10:27:04Z	2023-03-13T05:21:15Z	455 B	352 B	15.197.193.217
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	338 B	29 kB	157.240.205.11
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	745 B	427 B	216.239.32.36
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.8 kB	1.9 kB	142.250.74.163
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	354 B	51 kB	142.250.74.98
8479206.fls.doubleclick.net	507623	2018-06-04T19:01:37Z	2023-03-02T21:32:14Z	647 B	1.1 kB	142.250.74.134
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.4 kB	3.4 kB	142.250.74.162
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	583 B	349 B	31.13.72.36
s.yimg.jp	11015	2012-10-25T05:38:43Z	2023-03-13T08:02:54Z	346 B	2.7 kB	183.79.249.124
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	395 B	630 B	142.250.74.74
siteintercept.qualtrics.com	1163	2012-05-22T06:24:46Z	2023-03-13T08:56:38Z	1.0 kB	1.5 kB	104.17.208.240
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	500 B	32 kB	216.58.207.227
ad.doubleclick.net	186	2012-05-24T22:21:08Z	2023-03-13T06:50:57Z	475 B	915 B	142.250.74.166
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	1.8 kB	1.9 kB	142.250.74.164
t.teads.tv	2349	2013-01-18T03:42:11Z	2023-03-13T05:55:33Z	537 B	226 B	2.18.173.43
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	578 B	605 B	64.233.162.154
cm.teads.tv	7627	2021-02-18T12:52:27Z	2023-03-13T06:35:06Z	458 B	870 B	184.24.45.54
pixel.quantserve.com	417	2012-05-21T21:45:06Z	2023-03-13T05:28:27Z	768 B	557 B	91.228.74.244
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	5.4 kB	93.184.220.29
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	686 B	823 B	142.250.74.162
js-agent.newrelic.com	378	2018-06-22T06:15:37Z	2023-03-13T05:22:57Z	3.5 kB	32 kB	151.101.66.137
beacon.sojern.com	5385	2013-04-10T23:56:39Z	2023-03-13T07:05:51Z	361 B	1.1 kB	107.178.244.119
secure.quantserve.com	973	2012-05-22T22:26:25Z	2023-03-13T05:20:58Z	330 B	293 B	91.228.74.244
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	678 B	724 B	142.250.74.34
analytics.tiktok.com	1182	2020-02-29T14:09:05Z	2023-03-13T05:09:45Z	1.7 kB	106 kB	95.101.10.113
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	337 B	21 kB	142.250.74.110
ib.adnxs.com	241	2012-05-20T21:01:49Z	2023-03-13T05:28:06Z	946 B	2.0 kB	37.252.172.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-02 01:09:20	medium	Client IP	13.107.238.53	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (69)

	URL	Size	First Seen	Last Seen
	googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html	9.7 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 5ba05061c66d3e3a39f0573557899b0d f31c916b0c5ba50856c2d505c6a07ac2e3703dea 821afaa0abe5e4fb2292f52492b24ad0e290f7c43766602293856e911b5d1499 Loading...

	www.philippineairlines.com/layouts/system/VisitorIdentification.js	2.7 kB	2023-03-07	2024-04-18
Pretty URL www.philippineairlines.com/layouts/system/VisitorIdentification.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:18 Last Seen2024-04-18 15:49:42 Times Seen109 Hash cdea2c28ee2872f4186542c27a4d5053 4ef4e42a069644d76c7e73c3c6e44fedaf944d4d 0a81a39c2ff7be93588f4f668c568b89dcb66efce2a728612f6395ca575b1a83 Loading...

	www.philippineairlines.com/covid-information-hub	340 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 43782ad60ab18e4577795f881998f272 55d8552350737269fdf95d5926b269a16cdca4ed dfa1db9f689eabede2831d404cc095bc74b2dc14a40f97a4c87ad244f9ff9bfd Loading...

	www.philippineairlines.com/covid-information-hub	423 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 1564084faebf6177e8e1353b12ba535c 72d8035f47f2978dcc8d1d7294371590e3ec1432 6ea42f45418435dbf35b51b92c2074c247712aa2b83f6eb10922a992faaadd94 Loading...

	js-agent.newrelic.com/41.95d4308d-1222.js	828 B	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/41.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 29dd8aef66100e4c69e07fd60fc88b12 782578a4e84457c0a5295be82741ac611a6f522d 334dc34df8944a7cec9a7f00e250fac46113625e9a8c5dd176caf8bcef5bb676 Loading...

	www.philippineairlines.com/covid-information-hub	453 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 6187b83b36267efdd48b55c7e2661789 2d0dd655b6db1b9cb6333f8e21c193ca83c44419 85bf03e46bf8581f10a8ccac2637e9672f23b274116c54b3811fa121725af40a Loading...

	www.philippineairlines.com/covid-information-hub	422 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 44644f115ba3595bf4036b9ecded12df 74e60db37d9b221391377699ddcedbc059ac1435 21ba4ad2105fcde25e15ce819e5b2585dd0afc377339028b8eb2731771ab4c99 Loading...

	analytics.tiktok.com/i18n/pixel/static/identify_c4832.js	117 kB	2023-03-12	2024-03-25
Pretty URL analytics.tiktok.com/i18n/pixel/static/identify_c4832.js IP 95.101.10.113 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:31:23 Last Seen2024-03-25 05:07:26 Times Seen3174 Hash 14e351c2e5ec7005a4b1821aa4d09f45 c709759b868dcd322174ef4c62356b5271cbecc0 cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Loading...

	www.philippineairlines.com/covid-information-hub	130 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 16ce00ce97a3bf5d7ed2f98b9b863899 034f599e4010c654eafe18f274ceb1ae28059a37 fe7b5481e86b506504b72c46edd540648ef2e865c366e18265c682fb923911b1 Loading...

	www.philippineairlines.com/covid-information-hub	313 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 97767a273b39676116d6a94abbd3b05c dda89f3a83ecd40342d4615c081f561497810739 3b50d1862a32b219977a8bf283a3071bf6d9a8f7691a7e5b0a0f3827d6b2a1ae Loading...

	www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript	1.6 kB	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash d0ce7bf628771a8fe58aaeaa12edeeb2 09e342e43185c86910ef339c6edc3a0eeb0c2b81 4c9c66d2029b0fc2be230c14e7b9dff2b3192ccbcf062335a91b8fed907d1853 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TM66BB	318 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TM66BB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 9e5db0eaa89905e18f2e1b1bd18912b6 4a17aa017806c9eb407e5672b30928334860658a 8bfd78daf5446e5e6119e0f1461d6b690582dc6fe14d827fc7c5cf0196ea55ee Loading...

	www.philippineairlines.com/covid-information-hub	105 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 42c86fc3e6d27363119a29f46dd33aa5 70b6f27c0be4f4b5319344d4416455fb4f3e0f5e 34ef24a1a332a873c013476464dd1aa6b910e852305b2c0396714972b4cac7b6 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	151 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash fba5dcb55646dba56f5e5777bdbc1989 de94a565e396d72883fae2c5e68ddd97b07ce5ce 0e43bb8b9b7170a59f93166987d15b4e51329c814b00e8392ec9659ed8232d5f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4	1.9 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 13fe4a84dd047cd94aa224981549de41 bd4f05f2710033406742226816f7446bf6818b87 3041c7c46d738b8a936a9b89aa24c47404ef27ef37ce09d1771065e34730cc78 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.philippineairlines.com/covid-information-hub	473 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 4ff91f29a7c74cf4f9318b741da6cb06 dcae250680d76b325c6c09d35c6aaf1394528af8 2bc899dafcec1f2d4841663ef71e7a689159901e779fe0d827c86ed50a408f52 Loading...

	www.googletagmanager.com/gtag/destination?id=G-EZ0JCH24VV&l=dataLayer&cx=c	230 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/destination?id=G-EZ0JCH24VV&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 140db0ef767aec67d7813ded29fceff6 c5b40ae7948e757b2a85994610191e3c84a3e4aa 7952651de4893f22fcb936ad18b52e5cb25bb5921950ec6b9c9e230e6ed9b638 Loading...

	zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5	7.3 kB	2023-03-13	2023-03-13
Pretty URL zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5 IP 104.17.208.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash b25c539ac150768f594c90b4c9fbbda7 1f03611a75ae6d87654aa3114acd700385fa3ec4 4902d98d8e07087ad8beca632c3069160649f748ed701ad89d66334709e9972b Loading...

	siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com	64 kB	2023-03-13	2023-03-13
Pretty URL siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com IP 104.17.208.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:19:53 Last Seen2023-03-13 18:25:22 Times Seen1 Hash 6e25ca65c7e8b978bd5cd03acfd51c6a 9ecf4b749a0309753ef25e0221ec8643676f5bab dd581effa1b3f11825266bdfda9b0e6cb5fbb26c2ef1ba47739a926f3a9396ca Loading...

	p.teads.tv/teads-fellow.js	20 kB	2023-03-13	2023-03-26
Pretty URL p.teads.tv/teads-fellow.js IP 184.24.45.54 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:45 Last Seen2023-03-26 04:56:35 Times Seen13 Hash 52a95d12f789e4537934e239a8adddcb 749906c33d7d24128dfb5a12f037e6dede6444f1 76adf5f10e53555bc8ab50608288f34c088abae18ea0d1c5a2f9c48d6cfaf075 Loading...

	js-agent.newrelic.com/569.95d4308d-1222.js	7.5 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/569.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:55 Times Seen4 Hash e97726ab932639fed09971b1d682788c 006828b20763e0c2357cb8fedf63b9e8c0440d97 5442d1b4e5503e7bf898d26807bda51d7bdbc22dd34f545d3c3cc91688f98021 Loading...

	js-agent.newrelic.com/466.95d4308d-1222.js	6.8 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/466.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 2b339e4b3b0435de10496ee00de8446a 79f268e9f3a219853b3ac8ef5bb30b46de0d39b3 65d385b4c059f3ff75a6c54cc09fe0fd32ea3a2487a11589285627684b7f7211 Loading...

	connect.facebook.net/signals/config/552535698226720?v=2.9.95&r=stable	386 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/552535698226720?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 9378d0d79e540a8407c9bc17275e66b0 728249b2d0249d21f25efe0f27863fc0e6d42bbf 9332ca98d95a81e9a70b0205a1f50cf5450c8f38b685255989d3aaaf190737ac Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4	2.0 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 00f17a27893cf86331b1900296551db0 3c4054fa3f5a5e0a381633eaf5c5fcd1c2fa3370 56b425f02d018b8f803211a6a69ae8d9f26f73ffdf2bbb6981cf8be8fb86bb2f Loading...

	secure.quantserve.com/quant.js	26 kB	2023-03-13	2023-03-13
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.244 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:36:57 Last Seen2023-03-13 15:52:59 Times Seen1 Hash 8f8a37fd4cd02731142d8fdaa066b203 77449e9e688ce4adedc78f25ddae52b3c90f2fc7 8c979ed3785f184174cba3c38dd0ebbd5b244add676982d9aeafb57b3e53b1a4 Loading...

	js-agent.newrelic.com/736.95d4308d-1222.js	4.7 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/736.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash def1dc24974c16a4e78c08e349b92860 27147ec38011c7b26fd8b2f08a9751db254c828d 221b0e5f79285115e0fbcec94120508a341186223526a9553048046530818612 Loading...

	bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken IP 185.221.85.3 ASN #206998 New Relic International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	www.philippineairlines.com/covid-information-hub	128 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 9e15464e3719b75ab6a095790788642b e30e54143a500ccb22696ddcaaf8f319b564ccd8 cd8ee4b644fd56797cd34de7dbafcdb341a67a2306454b06d9c4616f8c4e83c4 Loading...

	www.philippineairlines.com/covid-information-hub	45 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash ab69a36a2c5e6bda5c5a71253c8ad55a 89b5e165a10579052858a96a004830b8abed07a0 94620e1af3416a22190d6c37f72efb0cd9bb9583bf43c85c3abce70ac5074df5 Loading...

	analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq	3.2 kB	2023-03-13	2023-03-13
Pretty URL analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq IP 95.101.10.113 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 7f05cca8be95de914d9b76fe6cf0a3dd 987cf08484057def4dcf1a67994627b5466a336f 2edd9f90b0db469d62382e727f27036b564e1913a0d2ed1b39415ae141b1819d Loading...

	js-agent.newrelic.com/620.95d4308d-1222.js	3.0 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/620.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash ca9b029ff66dd9146273984d16e20abc 6d97560ee6a096a95b04c91087c2c3a5d59a2f24 f30303e41262ed1ae693c03b4ebd0b8ef04eee3e46163bc5ae376e019905524b Loading...

	js-agent.newrelic.com/457.95d4308d-1222.js	4.8 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/457.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash c16abc7fa2e34cbb7baf3e290120ad5a 9490809ae455b4ff698465990466bbc239a8d593 4f1c6499f6a30c6286a56fdf68659e09c40a44ca315ca91fe6a46bc953998dd2 Loading...

	www.philippineairlines.com/Styles/assets/js/lang.js?v=6	36 kB	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/Styles/assets/js/lang.js?v=6 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash bba74fa4b653324252a2cc998123409e 3725a5c7751aa35defe0448abb53a431d1adbf07 4311f1e79057485df4552c38daae882829cb58f541955b8163a1961610f72063 Loading...

	www.philippineairlines.com/covid-information-hub	1.7 kB	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 0f4b0fbcfeb50d334edfe25b89f35e45 6b0f0e7f246d86e230bf373bdb3f9e7258b449b5 49bf3a27970832db49ab3663ba3c8d95af3e8983815aee87d2d2a1f063e62756 Loading...

	www.philippineairlines.com/covid-information-hub	386 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash f386c4f7dd3b73249426164fa53d5e08 4c45dc97514eeb1482000faebf66859845290ed8 5a8fd79d241c239e196c8451f15a59bcaeef41edc5cabeb0f2d1ce88d06d8db9 Loading...

	js-agent.newrelic.com/142.95d4308d-1222.js	2.0 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/142.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 082c9f0a95ce6870ed4d9266fa0e41e5 abd5e82b64ab22da4bfa2de9fa27e8ae27fede92 b658136fadc6fc8c259f717c518f3b5c14fbdf90ea299d36387f9681e772b6ea Loading...

	www.googletagmanager.com/gtag/js?id=DC-12515269	114 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=DC-12515269 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 645893ebaf0fe5022154c2c1c743de17 fbffb6ff7ce46f12d077cb49fb0c0aee3f9e9e49 967f8b23b05826e5722ab17cb05a7df644648e4f68cf445e91e617c2551b129f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/831900397/?random=1675300165214&cv=11&fst=1675300165214&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/831900397/?random=1675300165214&cv=11&fst=1675300165214&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 15587725d1fa8d3a2d0d5f89463e6bd2 9f7748b7a4226acdf85fde69a1525aff39942e80 dacad104524249b585e856137b2e76d55f0ee47dd109053242b47781e7c3f429 Loading...

	www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6	1.5 MB	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 0d22e01ff9120924c780086b64c877ec f974e0e4a7610304ea4c22a2438bc0cf31d3806a 8091942d44aa072676ebec387e9034bffa226edc9de87087ccf7069e1a3dcc45 Loading...

	www.philippineairlines.com/covid-information-hub	422 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 49dee742cc0eb51569fe5763805ded2c f8b4c4523b1d8667afd5aaeb2280e1a6b8749c5f 38d94a4b200badc5bc2887619ac952fb7348817065bff9939add3b51834edac0 Loading...

	www.philippineairlines.com/covid-information-hub	137 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 9e07417b521698cb23b0106a59b06070 42d846414f5d9600cb36a16b85bde5f0c547f60f 5b5e3ee5fa829a9fdf1703efe0f3b7f4ffdf2afbff6ee00030104873fc942edf Loading...

	beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid=	3.8 kB	2023-03-13	2023-03-13
Pretty URL beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid= IP 107.178.244.119 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 01c66cb1a8a3fb8d3d7e5484fb376566 62c3204a93b256b27d72feb622baba099f7b6c6f ddd6cd9dfadf52c67e98117acf04c90110152e744b21df215d8f00d251900826 Loading...

	www.philippineairlines.com/covid-information-hub	386 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 83cb4ce8902b95c0b5094363affdd3fd f3bccc73ac2a6332d4931d66445c6b0d96c6eecb 7291d7f2ff9d1ab7e4c1f131a6c4cc300e391367d501ab73ad1359305375c27a Loading...

	www.philippineairlines.com/covid-information-hub	388 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash bf4338321ba385b55aec55391e0b9084 8c4925b6ea295ce44f25607fe298ac00a15eb045 fffcec66f14edde666ab2707ba73394e03f31df94b75cfb628211c715c3580e4 Loading...

	connect.facebook.net/signals/config/881499126155971?v=2.9.95&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/881499126155971?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 1a8bbfbf7b663667961da18ac72c5804 018af0bc03a44503a5f9417fbd4e61fb98bf0092 d267127ca56e77b21516d709d15eed96348c954d6ef6e224bf871db1ab1e53e4 Loading...

	www.philippineairlines.com/covid-information-hub	51 kB	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 5286d2d43e91a7d27dfb28a3995ec57b c07a100c06b26244741ff2a0987ab8cf0ee6458b 670ccca70568be115a42ba3f04a95cca09ad050c2d31d068d21358e2f9d5036b Loading...

	www.googletagmanager.com/gtag/js?id=AW-831900397	181 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-831900397 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 996998068e8bc453eb47f17a9e1dfe6b 5d93bdea130466222fbd55ee92fb9018748e620c 3b1a3ba2c0e7f2907d67cdc71c11d30fbcaad82c47a7b6761fc3782c587ecfcd Loading...

	www.philippineairlines.com/covid-information-hub	129 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 37a6371b46650bdfee4ff575c9610ad1 c891d3f7d0ead9eaf4ddc678d2a96f186583dbee 41da50e52617937b618d5d44866ccf50f1adb365d7ae74bc579e2f112ac5f9f0 Loading...

	www.philippineairlines.com/covid-information-hub	333 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 68aac3e8f14c05bec4701c8a91ade57f 7432f5a5e37ff7fbe6eda1fbc5fc9124ce865a12 39b9bbc51bc59360e85ab3fce853cafe689f730c584e75ae726819b0c23a98f0 Loading...

	s.yimg.jp/images/listing/tool/cv/conversion.js	5.9 kB	2023-03-07	2024-03-26
Pretty URL s.yimg.jp/images/listing/tool/cv/conversion.js IP 183.79.249.124 ASN #24572 Yahoo Japan Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:18 Last Seen2024-03-26 12:56:02 Times Seen1099 Hash 45edb22db4e60f5d0ebd06aac22e1e85 ba2665dbf4ee9d4625bf78ff8758e29a223e8104 9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855 Loading...

	js-agent.newrelic.com/885.95d4308d-1222.js	16 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/885.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:48 Last Seen2023-05-04 15:49:56 Times Seen5 Hash fb9bb822463bccec4200657d3ae33dc0 08fc8d2b13be18fc53b51dd3c061278e87251e5b 93c7daa7232fea589edaf300f5ee521efa219138e047a7ae870dd74d9487f9ea Loading...

	www.googletagmanager.com/gtag/js?id=DC-9795703	114 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=DC-9795703 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 15a6de7b571e85993e8ec1510d8c802a 014c8c6a6dc5e0e3d466bb5e761a71f2b3fa4f41 416f00050917d4d2bf179e0d4afabe15f86524c2077cc1de1cce1de4f34f5096 Loading...

	www.philippineairlines.com/covid-information-hub	128 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 8fe885a862bbebb322ddbfb7821de6e4 d2adcfb6a4366dd8f9665fd43d8479093d40d134 4496c8995cb2f97eae1293ac8ede9e8af6d6901ddc7919964a2b774884684ed9 Loading...

	www.philippineairlines.com/covid-information-hub	887 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 1021563e98d3580bf185dbdf523f6794 14b4aacaebca441bac7b1887cb13aed5179cd013 4e6da1161d89d407aecf8fcc8a65fb283ba9cfe040bc49eb600c01afcd048991 Loading...

	js-agent.newrelic.com/859.95d4308d-1222.js	6.7 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/859.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen4 Hash b087387593417c0b63259918da3584e3 5a58a1f92613148f4b977236b1a6463934cc1f93 1de1594a678d9dcbd8d9367a11fef1812376de4f23105c2a480609caeb88efec Loading...

	www.philippineairlines.com/covid-information-hub	410 B	2023-03-13	2023-03-13
Pretty URL www.philippineairlines.com/covid-information-hub IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:13 Last Seen2023-03-13 14:35:13 Times Seen1 Hash 435b105f63cb30488d47d68c39255023 a7efb22b0b7bda26c956b52adfecf2789dce1303 d675dcaadbd58e096558f851f1e9e7820d86165ace4faf97b41f6d2e366b2fc8 Loading...

	rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js	2.1 kB	2023-03-13	2023-03-13
Pretty URL rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js IP 65.9.44.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:14 Last Seen2023-03-13 14:35:14 Times Seen1 Hash 97210bc5f59500202c11a50312b5e7d9 e315b1464df676d75cf3fae0384934ffb9bc55d3 2418c00cfcf5d28021def9194849ea0eeda879b6d79ab7ec274ecce39d64a62c Loading...

	js-agent.newrelic.com/244.95d4308d-1222.js	6.9 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/244.95d4308d-1222.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash a24fd7e602a6b44ab4c03cab69c843c6 57157918ba70de0486aa2f52efcae2ff0c465993 94d7e0d89806dad5b38503db570b3154cdfc886a6fca65cc0897bb4c2c18e648 Loading...

	connect.facebook.net/signals/config/2546707365576462?v=2.9.95&r=stable	386 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/2546707365576462?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:14 Last Seen2023-03-13 14:35:14 Times Seen1 Hash 6b68158f8434b92833c7bd3dd4c4997a 391fa560ef85cd225b24b3331ee64d148ea0be2c 0b7ed924885597d24cb87fd69d815fdf1c8fca37a72ab0ba7dc38949a0e13140 Loading...

	www.googletagmanager.com/gtag/js?id=DC-9536471	114 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=DC-9536471 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:14 Last Seen2023-03-13 14:35:14 Times Seen1 Hash d69caf35ea7b3328f36509cfd074d268 8ad6b257b2af10ae06005b275092ddcace9671fd 73ca196021614887bb46a09ad004cc103d28084e73eeabd78868bbc50256d5e9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8968e6d216aa62e38a80e768b3e9fcd8	12 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 22:27:20 Times Seen8 Hash 8968e6d216aa62e38a80e768b3e9fcd8 976da752c84b3f621cc714c5f1e49ae3f22b3b36 55e5ccfd18460fb0b3fee6c4078508343f02478673dfa1cad44931f3e0db3281 Loading...

	#2 Eval - 0ad2ecb1f29007854df2c43fecfec81a	29 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 23:55:23 Times Seen9 Hash 0ad2ecb1f29007854df2c43fecfec81a bb96cc6c92df6c07343e0348b494551081efd03c 8ab0e3d5ddf5be4b8c4dd05937db01f37799d273b153fd38345fb1f62dfd8854 Loading...

	#3 Eval - 413b7dc1caac04ab95e8a1b230b9b3ad	25 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-04-25 18:08:17 Times Seen5500 Hash 413b7dc1caac04ab95e8a1b230b9b3ad 2657fe2eb543ebc0b54eaa7d3aba3a75fb638630 b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878 Loading...

	#4 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

	#5 Eval - ee96ee0ff39d06ee46967ea0a4f38920	18 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 23:55:23 Times Seen10 Hash ee96ee0ff39d06ee46967ea0a4f38920 c9845dff70a7e5a84a3fa809492b79ed7205d595 84492b52082c1892214a926abf2277177e728654043d52ccc5421de3250d13fb Loading...

	#6 Eval - 32e25b41e1ab582ead07664215356f30	58 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:35:14 Last Seen2023-03-13 14:35:14 Times Seen1 Hash 32e25b41e1ab582ead07664215356f30 4710d8d547cf60a45743945a6c6d83c2855702fa e253f454596544032ecc60b430d293a875d985ed5f336d446dd7d50d98d90a58 Loading...

	#7 Eval - 131234ef281e470acdb8d4d686e0d230	19 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 22:27:20 Times Seen9 Hash 131234ef281e470acdb8d4d686e0d230 ff6857e18a2f94655d03f11697056004e644d0f7 12bcfb40473c701ab657dde154c8e364c145365470bb95f387fc2d1560913b20 Loading...

HTTP Transactions (131)

URL IP Response Size

www.philippineairlines.com/covid-information-hub

13.107.238.53

302 Found

0 B

URL HTTP/1.1
www.philippineairlines.com/covid-information-hub
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

HTTP Headers

GET /covid-information-hub HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Location: https://www.philippineairlines.com/covid-information-hub
X-Azure-Ref: 0KA3bYwAAAACnQ+pOIUu/Rpkdp4UrQI4RQ1BIMzBFREdFMDQxNQBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
Set-Cookie: ASLBSA=000380a400d6e46796fffc4ef252c56d795a9eb1562ae17a4e4443e369d8516f69fe; path=/
ASLBSACORS=000380a400d6e46796fffc4ef252c56d795a9eb1562ae17a4e4443e369d8516f69fe; samesite=none; path=/; secure
Date: Thu, 02 Feb 2023 01:08:56 GMT
Content-Length: 0

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15053
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16119
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:43:26 GMT
content-type: application/json
age: 1531
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10250
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TMwLHiJkWx36K7aF71ItPv4tE51Eg8hxEGZc6HEMfZfofx3qwgP7hTyHrTztOr17xwwC44YzosQ=
x-amz-request-id: J2YRSQH8JVZAF8J4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:51:46 GMT
age: 1031
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:08:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 1192
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4976
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Thu, 02 Feb 2023 01:08:57 GMT
Connection: keep-alive

push.services.mozilla.com/

35.163.1.35

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.1.35:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K/NSanI9pBTjvmqEtJFpNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fSDcbv99SgYN7DYgjK5f5pNYyM8=

www.philippineairlines.com/covid-information-hub

13.107.237.53

200 OK

39 kB

URL HTTP/2
www.philippineairlines.com/covid-information-hub
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51645), with CRLF line terminators
Size
39 kB (38998 bytes)
Hash
82842177da43124460d09270da12e12b
218169ce5187cb9db3f863986a68fc4a4fd6f2a5
df3d0547cfdab4eee8cf9b9d4c8d2b52367cab96441c21dcacfdb71db4f24092

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

HTTP Headers

GET /covid-information-hub HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 38998
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: shell#lang=en; path=/; secure; SameSite=None
ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; path=/; secure; HttpOnly; SameSite=None
SC_ANALYTICS_GLOBAL_COOKIE=07ade321db3d494baae5062ee5136c7d|False; domain=dev.local; expires=Sun, 30-Jan-2033 01:08:57 GMT; path=/; secure; HttpOnly; SameSite=None
ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a;Path=/;HttpOnly;Secure;Domain=www.philippineairlines.com
ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.philippineairlines.com
ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; path=/; secure
ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; samesite=none; path=/; secure
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0KQ3bYwAAAAAbaWQcf+dSRZYNA8OOQREcQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:57 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/Styles/assets/js/lang.js?v=6

13.107.237.53

200 OK

12 kB

URL HTTP/2
www.philippineairlines.com/Styles/assets/js/lang.js?v=6
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text
Size
12 kB (11969 bytes)
Hash
3035992c2baab07a285c44b5004efdad
6e272cca0a0bffc703d7300b0d495f8b7b7bc243
d1e8b14dadd2dfb46d45548f39613b18b817e8690085a3d1167427fa0071fa1b

HTTP Headers

GET /Styles/assets/js/lang.js?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 11969
content-type: application/x-javascript
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0r+zYYwAAAACtLLxPDk2MRaBL+wFlYAXPRlJBMjMxMDUwNDE4MDE5AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADwOZwyhJZKTbiXmS7Rqy2HQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6

13.107.237.53

200 OK

519 kB

URL HTTP/2
www.philippineairlines.com/Styles/assets/js/scripts.min.js?v=6
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
519 kB (518671 bytes)
Hash
8178e219086010c64352581a50f1bbd7
cd85f6317e47e3c2035d3b32cccdae15d96166a2
942bff53d6a78b83fac0aca9a24dfa00ec32786e17e1354cacd5fcd98142a024

HTTP Headers

GET /Styles/assets/js/scripts.min.js?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0p9DaYwAAAACGnORNnmDWSIUbJcgKh+0PRlJBMjMxMDUwNDE3MDQ3AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAC+/NdeDjyuS5+EukvBJwuEQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/layouts/system/VisitorIdentification.js

13.107.237.53

200 OK

883 B

URL HTTP/2
www.philippineairlines.com/layouts/system/VisitorIdentification.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
883 B (883 bytes)
Hash
9d2e1eaf43468fc656b5f9662dc4f046
f58463ad01f0864f1aec730340cfe3d3cba9692e
fa2f590c0214c829bb52b4e75ca197b36d59851d3a933e93aeffd4dd4d0cab5c

HTTP Headers

GET /layouts/system/VisitorIdentification.js HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 883
content-type: application/x-javascript
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 19:14:10 GMT
accept-ranges: bytes
etag: "0ed7a5e6afd71:0"
vary: Accept-Encoding
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACDf/YVpq57T4hrUXMdDa4KQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.philippineairlines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 496849
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.philippineairlines.com/-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6

13.107.237.53

200 OK

1.3 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 120 x 40, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1302 bytes)
Hash
2120ce1949f2273c3c227fc550a75091
a55a0a3ca8b9ab6b5098e0f4021546a61e8ecf3f
ea013a00748b1af25d8489fdf57ea6833fcdbf5d20553e830e289dcc7b7c4718

HTTP Headers

GET /-/media/images/pal/footer/apple-store-badge.png?h=40&w=120&hash=0153EA041D16FA9FDDDDC142DAEB52A6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1302
content-type: image/png
last-modified: Mon, 16 May 2022 07:12:12 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Apple store badge.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABzObRQoWxSTouIQ7Gm0AR7Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3

13.107.237.53

200 OK

6.8 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6826)
Size
6.8 kB (6827 bytes)
Hash
a7e7afdb5f4e47eeaaef7957238440cc
6c5321821768079c949a917b957bf7b03a9eaaad
5c741ded6070d53fe180b6b0ce319f37956c1e2dd4aa2a203124637ade6a1009

HTTP Headers

GET /-/media/images/pal/logo/logo.svg?h=29&w=47&hash=F6C0638EBB704192FD6EEBA5E112F8B3 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 6827
content-type: image/svg+xml
last-modified: Fri, 20 May 2022 02:48:40 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="logo.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABC23Rh3p53QL/OvOq4CmgqQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5774
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 01:08:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15051 bytes)
Hash
6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 11641
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 11116
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 10041
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8296 bytes)
Hash
5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFS3n1VPoHesu6OC4w3L5ygNtVOxAL2EyfIZG-S26x8m9GFKdJpHpA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 11317
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11198 bytes)
Hash
93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pwsRzGhqa83gc7xjxWBwpPFEmiVKLY3_YKm1OuRbKgXPyvOSzRtoZQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 11317
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2874 bytes)
Hash
a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MwPmKlNm1j7hqbrlEgxAlfu0gQQNhnkrHnL-YABUr7P8_oFaoFDgFA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:37 GMT
age: 11302
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115

13.107.237.53

200 OK

439 B

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (438)
Size
439 B (439 bytes)
Hash
d4496f00ba0fa899abf38cbf0869e976
9e5d81ebec1a390eeee46c19cae0acac583294e2
f5e90c0a1e0307344a8e4b405bfb88a30f91ce591687e2ab3a55a72795c7e323

HTTP Headers

GET /-/media/images/pal/footer/facebook.svg?h=48&w=48&hash=39C77C15461BF220ECFED87702770115 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 439
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:12:27 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Facebook.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADKiIFJC8p+TpDk51os6sV+Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3

13.107.237.53

200 OK

11 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1364 x 1022, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11042 bytes)
Hash
de2b0788f6c1e625aa829da24fcb8c8a
51bd7242efb51f9c888ab3796924b41a1ee5907e
f202c097e42c98c1a387ee6a586108adcf8c10503959315b5a794b8019a0971b

HTTP Headers

GET /-/media/images/pal/footer/mc_idcheck_vrt_rgb_rev.png?h=1022&w=1364&hash=E36AFC46EFABDF798564C31666CCADA3 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 11042
content-type: image/png
last-modified: Tue, 13 Sep 2022 02:30:29 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="mc_idcheck_vrt_rgb_rev.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACv8Fb1x10XTJ94wWS3EvqQQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080

13.107.237.53

200 OK

4.7 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 188 x 110, 8-bit colormap, non-interlaced\012- data
Size
4.7 kB (4731 bytes)
Hash
87e128556ec309e4c2b44a709708b503
8929d13bc9af15ec42169c9726b85ce54c69a5ab
917a1d5202d53b9e31f98e561274bef1943290079cd73aa4b33bb5a7b555417f

HTTP Headers

GET /-/media/images/pal/footer/jsecure.png?h=110&w=188&hash=9865E9718EDA15A353E5C3EBB6DE8080 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 4731
content-type: image/png
last-modified: Tue, 13 Sep 2022 02:01:18 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="JSecure.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAAD1WNAWroESJGq/x9Q4SVZQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript

13.107.237.53

200 OK

952 B

URL HTTP/2
www.philippineairlines.com/api/pagecontent/GetFeedbackSurveyScript
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (386), with CRLF line terminators
Size
952 B (952 bytes)
Hash
d5d4431ce0403134bab5513dc4277704
d837b07f466ee39ab74caa214d627e0200a09382
0c49904ae37968c90b54f172404e7b2f5b4603f3e62ade4a0522447665562099

HTTP Headers

GET /api/pagecontent/GetFeedbackSurveyScript HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 952
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: SC_ANALYTICS_GLOBAL_COOKIE=07ade321db3d494baae5062ee5136c7d|False; domain=dev.local; expires=Sun, 30-Jan-2033 01:08:58 GMT; path=/; secure; HttpOnly; SameSite=None
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABD2wFGvU1bT7ARzl6xJWoBQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E

13.107.237.53

200 OK

8.3 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 542 x 367, 8-bit colormap, non-interlaced\012- data
Size
8.3 kB (8294 bytes)
Hash
bf44bee38941f943a75d186efc7f4ee6
95943c2dde8fe8ac40fca4932c34f361c7df2aea
986cb6974df732384d2c4b989b6ecb0a377186e0cc73f638d5ae61c51d30334b

HTTP Headers

GET /-/media/images/pal/footer/compliancebadge-pcidss.png?h=367&w=542&hash=43FBD1171B779B0C668B78FF9F10739E HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 8294
content-type: image/png
last-modified: Fri, 24 Jun 2022 04:24:29 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="ComplianceBadge-PCIDSS.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADp1X8OhjwHTaE/JgSF4MOXQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503

13.107.237.53

200 OK

691 B

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (690)
Size
691 B (691 bytes)
Hash
90ef8a8add3bc60c6592cc14d4cd14cc
18ad19cef7848bafdf4f922f173ec542160b4708
d4686856c8105f53f9b56d7a3c831fa0adda46ebe6bf0856746178f7205bc2d1

HTTP Headers

GET /-/media/images/pal/footer/twitter.svg?h=48&w=48&hash=A5953F460F507C3F2AFCD59F31B8C503 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 691
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:13:09 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Twitter.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAAOv6emIkK0TYJuyVhlG8dvQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF

13.107.237.53

200 OK

6.6 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6614)
Size
6.6 kB (6615 bytes)
Hash
7296c2e915b1d0949d3a24e48a87ea44
f460fc97b5f5b0267a1ca601cb977b08da1cf4cb
af4db5ca5fb2e168de853e50988608941d29fc001e47be36834bbebcfd6e6772

HTTP Headers

GET /-/media/images/pal/logo/logo-white.svg?h=48&w=48&hash=5BA4AF5D5E0490F904267841FA520AEF HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 6615
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 06:29:08 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="logo-white.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAANO5dB3mZLRbQqrUrSsLk0Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D

13.107.237.53

200 OK

11 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 937 x 338, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11058 bytes)
Hash
665ef66ad59ed830f8368011ecba3c4e
0bc6e86b269eb8b20fc56d3647167685ec5c4400
0f695be467396915c66bfa1cd008b1765b16c1a318e4ccbec393f37ca29e780c

HTTP Headers

GET /-/media/images/pal/footer/safekey_alt_rgb_reverse.png?h=338&w=937&hash=63631A43D97B26401EF8A89FD41DAB6D HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 11058
content-type: image/png
last-modified: Tue, 13 Sep 2022 03:28:33 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="SafeKey_Alt_rgb_reverse.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAD4k/jMLV+1TaAaZaB3evs7Q1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B

13.107.237.53

200 OK

1.4 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1446)
Size
1.4 kB (1447 bytes)
Hash
0280d3ab992044f118e077b3297c535e
f47f793569999189300b5ee0fb8634d4dbe51e1b
561684d3623a36f22dff5817db551755c23bad4bd9c70e381b95109ba9e83f3b

HTTP Headers

GET /-/media/images/pal/footer/instagram.svg?h=48&w=48&hash=C4218136A27A759031861BF80AB4650B HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1447
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:12:55 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Instagram.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABzHyyA4AbcTKYJhiyUIYvrQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD

13.107.237.53

200 OK

4.4 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 198 x 198, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4389 bytes)
Hash
2fcb76a9d2b25318a6baa175714799d0
4d9832bfe323f9f6b460a3add953d7f06c926ba4
693ff8394c22630a47cf4428c5a076fae6cc72fa5720f7751cefc9aa46aebabd

HTTP Headers

GET /-/media/images/pal/footer/visa-secure_blk_dkbg.png?h=198&w=198&hash=74288364B0CE637D3D49C503A8BBCADD HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 4389
content-type: image/png
last-modified: Tue, 13 Sep 2022 03:36:04 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="visa-secure_blk_dkbg.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACVUfQv4XHGQqTj4pfRoJgiQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4

13.107.237.53

200 OK

1.9 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1891)
Size
1.9 kB (1892 bytes)
Hash
4c5944f362e4513b118a088e722a3012
d8aa3269f3a4e248e06032c0e2c7cc615ee816f2
83c189d5981d35eb725cee7d7e0fdbd4d736c0472ac4db87f25fd8ecdc8635a6

HTTP Headers

GET /-/media/images/pal/footer/youtube.svg?h=48&w=48&hash=A4CD22D374E4DD56E14CC0C7622DA2A4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1892
content-type: image/svg+xml
last-modified: Mon, 16 May 2022 07:13:24 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Youtube.svg"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACYHxtqmpeERpkYP2u6OhMtQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6

13.107.237.53

200 OK

104 kB

URL HTTP/2
www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
104 kB (103777 bytes)
Hash
afe17aebdc1f13a1c74afe7e7f8e234b
6bbc66ba346baacd0f6a01c493efd9b0d4a6ea67
d4d3a093e4089b66166abfdb42f33b7ef39c6b4cba3c9864b464ebf51f6fb384

HTTP Headers

GET /Styles/assets/css/styles.min.css?v=6 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 12:11:02 GMT
accept-ranges: bytes
etag: "0fd06d912dd91:0"
vary: Accept-Encoding
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0zPzaYwAAAAC/WXkMdr74RZbbo6O49QtfRlJBMjMxMDUwNDE3MDMzAGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAADMFuIUjZZMS4aeoQxiNuXoQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC

13.107.237.53

200 OK

17 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17095 bytes)
Hash
08c559d543578c83e6cdbb5437a5c37d
2d83400beef24c849d202a640a97a6ced6d0d1fe
4a1c606ca51eabdb6c4f481ea6b32d16744c69e0f2ca0604d83454e8fd16f41b

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/icons-part-1/travel_rules_req_icon_48x48.png?h=48&w=48&hash=516A923BB47D479178620ACBA83E2BEC HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17095
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:21:50 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="travel_rules_req_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABmGuUA5NH4TLi83wrCp23HQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773

13.107.237.53

200 OK

18 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
18 kB (17600 bytes)
Hash
92be4dd98f20c952d659d7289f71fc80
bcb35410ab0a776057abbbb05e60a2bc9cf7991e
59cac238842a7e5d0ff03e4b06784da2aa13e3aecf92528931ab68da9ec6013a

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/icons-part-1/safety_measure_icon_48x48.png?h=48&w=48&hash=2E9BBC5E52787EDF3F25684854CC5773 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17600
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:21:58 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="safety_measure_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACqj31MylZAR6JD4RuM1v1IQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2

13.107.237.53

200 OK

18 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
18 kB (18001 bytes)
Hash
f44233206ba8bfc6879eefa2d0212121
1026625e2628cba36c2377adb39272c1772e7722
868502d7c0676c9631d3cb98ad165fa34a30cbefd6c7d7a6721eb7a1ad6addf7

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/icons-part-1/latest_flight_update_icon_48x48.png?h=48&w=48&hash=4B09A768E06CC596025AF555309732D2 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 18001
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:22:31 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="latest_flight_update_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAC98xPfxKvMQbIOVzBT8GPGQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B

13.107.237.53

200 OK

18 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18283 bytes)
Hash
59269397c645c2331d8fa5aa77922c8a
f4d66f97264f7b101297adb07477eb52ac746291
1790b5a1cb0132562ae5abfa6e8b5b19a15955595d740746a557fca0f2da1dfa

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/icons-part-1/passenger_options_icon_48x48.png?h=48&w=48&hash=4D06774E8FFFB7B20760A4C5C321A88B HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 18283
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:20:59 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="passenger_options_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACPewSmLeSPToYF+l5qx7gJQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43

13.107.237.53

200 OK

17 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17019 bytes)
Hash
ae043774ce1f414048e4e97324e09269
c04edff8eb0a7eb8e7a684c72dd8d3c1c4510f53
9fe1fbfa4b2a600adacaa3ee08a82830be1c2c6466fcda8b2edecf5b565e8fff

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/icons-part-1/mypal_request_hub_icon_48x48.png?h=48&w=48&hash=191E3BE253984D54B15E5648EABC1D43 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 17019
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:22:13 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="myPAL_Request_Hub_icon_48x48.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAASgno2F4Z1TbwCq8OR9THUQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-TM66BB

142.250.74.168

200 OK

96 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TM66BB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (43069)
Size
96 kB (96088 bytes)
Hash
c2cdc4b06fd401be3c968bfda90efc16
d219aa21630d2acd24bc5e2ee9ff92773d8573dc
28f6271f675bfe9589223602ebf7a359818e169a728ffb64152d153d4216d352

HTTP Headers

GET /gtm.js?id=GTM-TM66BB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.philippineairlines.com/-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4

13.107.237.53

200 OK

363 kB

URL HTTP/2
www.philippineairlines.com/-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1440 x 600, 8-bit colormap, non-interlaced\012- data
Size
363 kB (363002 bytes)
Hash
c2ba2f78e65101fc042753ae6a1623cb
ff290ce7e8f4d3531eef49c9ae0e3e55cdde5021
dfdac784e2d2470e2f7ebe9ad04a429b65a8bbb88f838e7d05cb9e6942c3ac04

HTTP Headers

GET /-/media/images/new-pal-mm-web-images/covid-information-hub/parent-hero/parent-desktop/covid-information-hub-parent-hero-1440x600.png?h=600&w=1440&hash=A2E15B92BD173AF8AFB59F63B437BBD4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 363002
content-type: image/png
last-modified: Mon, 11 Jul 2022 07:13:11 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Covid Information Hub Parent Hero 1440x600.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAACpNCnOLde3ToKO70ONbATcQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC

13.107.237.53

200 OK

22 kB

URL HTTP/2
www.philippineairlines.com/-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21908 bytes)
Hash
33b1640402f492863ae1c3a9dca0ca94
0c836a5a9360dab76bc7aefafe1728c34b74e927
66612c9263ec41d0ebac9712a2e569dd14b33b7a303501821e9d92e39e7ccf6a

HTTP Headers

GET /-/media/feature/covid/step3_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2A3117DA002D3BFC92E2626636FA03EC HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 21908
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:38 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step3_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAABr47cADaKrQ52O/YPeMg5pQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F

13.107.237.53

200 OK

23 kB

URL HTTP/2
www.philippineairlines.com/-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22819 bytes)
Hash
38167b9ebd870aea0deb3f31f000009c
fb87a753599ec0c79773a905abee9dcb00421d8e
bbd66c272b5dc764be49ba2d8290f00d507fa933f33bba590cdfd210a3181082

HTTP Headers

GET /-/media/feature/covid/step2_update_contact_covid_icon_144x144.png?h=144&w=144&hash=E04806D7250B40FAA35FDD8B327F9B8F HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22819
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:39 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step2_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAB5v0M8AeXcQoIaCQcNyj4kQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90

13.107.237.53

200 OK

23 kB

URL HTTP/2
www.philippineairlines.com/-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22640 bytes)
Hash
b4e00032983902b426e2d06ee9eb9bd5
4d9989e3897cfcd1efff9345fe46dee5a9194aa3
e59a9b42aa5d270f9fb92ad2b722335f5e38f74e49dbf66c4fddfacc52ceeda0

HTTP Headers

GET /-/media/feature/covid/step4_update_contact_covid_icon_144x144.png?h=144&w=144&hash=2FE744C1313FF709C2C2820C9FFFED90 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22640
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:38 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step4_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAA88g3Ml1k9R5zAFKim6QvNQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93

13.107.237.53

200 OK

22 kB

URL HTTP/2
www.philippineairlines.com/-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22418 bytes)
Hash
08897a9d24c55a40e46651596fa70bc9
785993c3bf359dd3b3fc913e727e462d4d40fb2b
384e5f53fd03b0bdf14528e822c150ec92e82f4c847a124b324b7736106ac5fb

HTTP Headers

GET /-/media/feature/covid/step1_update_contact_covid_icon_144x144.png?h=144&w=144&hash=C567AE342A1FCDB0680AF165BE7C8C93 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 22418
content-type: image/png
last-modified: Thu, 28 Jul 2022 10:29:39 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="Step1_Update_Contact_Covid_Icon_144x144.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAB9yjKP7KdJSKSiaH8mUqwOQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
91cb883d8b1960a5932c4a6043ac0292
318f35ac355d3c9101fcb1238fa77dda41bdd50b
1c81340a644de65ffe4bc29f69c0feb33d350d4f41b25e36e69067af56fb4399

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: max-age=128010
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Etag: "63da4d81-1d7"
Expires: Fri, 03 Feb 2023 12:42:29 GMT
Last-Modified: Wed, 01 Feb 2023 11:31:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.98

200 OK

50 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3642)
Size
50 kB (50049 bytes)
Hash
2717953c2c1ac6d9bb4236d2be825223
94b5c1e0141892c3383bce83ba9ecf4ccd282703
e074156a97d815009052f9c4d3854710fc9e99ba2676966b93462e44d71c636a

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14040910960756232145
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

8479206.fls.doubleclick.net/activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub?

142.250.74.134

200 OK

260 B

URL HTTP/2
8479206.fls.doubleclick.net/activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub?
IP
142.250.74.134:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (510), with no line terminators
Size
260 B (260 bytes)
Hash
ea0631cd00670132fca82808c9b0bd08
2eb73ad51f3ee0d48be12fa576dace2ed04a068c
5029fa98a38b0be38ef7577feccd6bd4a3abc10802fe034b9ec0b0616c454bf0

HTTP Headers

GET /activityi;src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub? HTTP/1.1
Host: 8479206.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 260
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:23:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4

13.107.237.53

200 OK

2.8 kB

URL HTTP/2
www.philippineairlines.com/-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2809 bytes)
Hash
89851349509dccf351273c8ef4d18fd2
eb5be9354da1f378bab3264eaf014632bc9242c3
f0bdda8e11eb7bde8e8b884ad60022e72d22e34ad20fbb43281519a82a5ef49f

HTTP Headers

GET /-/media/project/pal/favicon/apple-touch-icon.png?h=180&w=180&hash=AE8FB7DF8B5DF587A3A6BFDE808DBBD4 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 2809
content-type: image/png
last-modified: Thu, 20 Oct 2022 20:46:03 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="apple-touch-icon.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kw3bYwAAAADR7sBq9SbaQZB5Qs0l4dYtQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

www.philippineairlines.com/-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1

13.107.237.53

200 OK

1.2 kB

URL HTTP/2
www.philippineairlines.com/-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
b1373dd0f7e841b43928415d206426c8
5a9c2956322926fae81176b32b94c505c00faff3
835c18d973fd2f775ae405c1eb11153e7a12b36188fa402ec267f92ee265a677

HTTP Headers

GET /-/media/project/pal/favicon/favicon.png?h=16&w=16&hash=1F4E355CEE84C50FE8FAA24AAA543FC1 HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/covid-information-hub
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=604800
content-length: 1150
content-type: image/png
last-modified: Thu, 20 Oct 2022 20:44:53 GMT
accept-ranges: bytes
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
content-disposition: inline; filename="favicon.png"
x-cache: CONFIG_NOCACHE
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kw3bYwAAAAAy5kZpxnjJSZjc795EobFOQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:59 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub

142.250.74.162

200 OK

259 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (509), with no line terminators
Size
259 B (259 bytes)
Hash
f7a1df22e1814e7b93040856a85cef55
6f87ae0c7b3db0f4f8497ceee06fdb7c3e784454
cc975c83b3c5af16c45374263421a083f53d2e11499f22c531ae5d7b6503e816

HTTP Headers

GET /ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8479206.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8479206;type=invmedia;cat=aqmtsn5v;ord=8214549589228;gtm=2wg1u0;auiddc=293662962.1675300163;u15=%2Fcovid-information-hub;~oref=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:08:59 GMT
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq

95.101.10.113

200 OK

1.3 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2725)
Size
1.3 kB (1334 bytes)
Hash
eafd6426a76017160907dbb3284bf563
5c11ca7cd8892c8aec240dcbc40832573709274c
30b6171e6fcf3d2a14338f721ca1395b30fdfe58e420d7772ed149eddcdf4f0b

HTTP Headers

GET /i18n/pixel/events.js?sdkid=CCI4MTRC77U1QCQH7040&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202302020108591CE63CD4ABA7C6DBEA11
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bb4ebeeb5813437b07910aa25176a72488c81237c0bac42b32a7c059adfa62d9c7b5a23374fa3dbed1d09e95a894f00136c2f1b7907adbf64312dac7bb80b1a37474db13d7e4b0b56265da9c940f486aa
content-encoding: gzip
content-length: 1334
x-origin-response-time: 90,23.217.116.143
x-akamai-request-id: bf9a1124.4e561238
expires: Thu, 02 Feb 2023 01:08:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-217-116-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=90, inner; dur=3
x-parent-response-time: 180,95.101.10.109
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js

95.101.10.113

200 OK

70 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (21891)
Size
70 kB (70494 bytes)
Hash
0ee951646422f4b1d0ba6bf1341c86e4
7c47b7ca2a0fe31278d5d46a15439bbaa73f5112
7468187adc69bb54e683428598fb1d15368c9a72cfee467fcd217e0a575f2a4c

HTTP Headers

GET /i18n/pixel/static/main.MWE2YWY2YTgzMQ.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175846C1594C909FD799AD743C
x-tt-trace-host: 01017a36535d16b01285413ef1c76fec440ee96c163840ba7b09f8be7849df9a3182eb32fd2dc99b4ee04181ce8ced2ac57f59ec3d3f4d224d1f2e04490b852e05195e15f26c44615f8c4113ead1bb47c8afe1f7083a2419bfe87288a4d0ddc6c0
content-encoding: gzip
content-length: 70494
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 4e561283
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.tiktok.com/i18n/pixel/static/identify_c4832.js

95.101.10.113

200 OK

31 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30930 bytes)
Hash
e35cd3aeb48075134b13d5d593e609af
b967aced0b33616a54a9b7d5d3d092f28b9cca81
e25f7cb45c4d46dc9ebcf4cbe5209c87765cb94c15384780899eee7d888273e6

HTTP Headers

GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825795F92399DF9E7BC6845
x-tt-trace-host: 01213c9428e1dc2e706424a5e4830ae2753a9403fe7ed2020932fc61a3c47c96784adda24a6c56428140d39df42ee71252f6133830581f45dad09e0f84f6c427e5570f8f5241c1349d3294ee56c52eab748dbda5cfd0ecad2a022e79233890d27b
content-encoding: gzip
content-length: 30930
date: Thu, 02 Feb 2023 01:08:59 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 4e5612a9
X-Firefox-Spdy: h2

p.teads.tv/teads-fellow.js

184.24.45.54

200 OK

6.4 kB

URL HTTP/1.1
p.teads.tv/teads-fellow.js
IP
184.24.45.54:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (19888), with no line terminators
Size
6.4 kB (6419 bytes)
Hash
b6e227013e992031893f2833d1df522e
c6d55aba6762513c8a1eb320131cf46cfa932b4a
6338003a70f047fd7a382e87160754ab69d62edb039da75b4bfb331d16b20c71

HTTP Headers

GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: xF2gWBPKutS2wnnZwWF/35ZjFk7E1e5SSffe2FSsvhMTpSoOhoGgP0jqfLhv8xz5SCfgv4jvB5M=
x-amz-request-id: 3JANA7M6B1C14HR7
Last-Modified: Mon, 23 Jan 2023 13:03:00 GMT
ETag: "52a95d12f789e4537934e239a8adddcb"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=537
Date: Thu, 02 Feb 2023 01:08:59 GMT
Content-Length: 6419
Connection: keep-alive

js-agent.newrelic.com/859.95d4308d-1222.js

151.101.66.137

200 OK

3.0 kB

URL HTTP/2
js-agent.newrelic.com/859.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6657), with no line terminators
Size
3.0 kB (2975 bytes)
Hash
364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b

HTTP Headers

GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:08:59 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 626
x-timer: S1675300140.993726,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 23:44:08 GMT
expires: Thu, 02 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 5092
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:40:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4

142.250.74.162

200 OK

911 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1993), with no line terminators
Size
911 B (911 bytes)
Hash
d0fa049b6654d45dad4fbc0735eabac4
d696e1fadf037186bbe61e7f115d4f2b83b8db04
f8ec4cc6a87da60f525c8920f4e5bd3e094cd3191d23b9ea9453cfeb3d8d4780

HTTP Headers

GET /pagead/viewthroughconversion/966283696/?random=1675300163224&cv=11&fst=1675300163224&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 911
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
30840175a6c3108eeb657082dccbc8f7
18b29ac8f85bed81d2fcfaabd668c1ab668217ef
432fc47e2d4f61bb0f959ce139ddd0841a358eb1e4e374a97a607b1a4b487d68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:27:05 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4

142.250.74.162

200 OK

880 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1865), with no line terminators
Size
880 B (880 bytes)
Hash
8205b831d81082d3c5de8310c37863aa
40c0ee214f74d941d81e0fa3fe019fd9c547d140
b4458b01e92f103149be179806be14b481603d88e8a5b9e725426a227fde08d9

HTTP Headers

GET /pagead/viewthroughconversion/944265347/?random=1675300163221&cv=11&fst=1675300163221&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&auid=293662962.1675300163&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 880
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

95.101.10.113

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 797
Origin: null
Connection: keep-alive
Cookie: _ttp=2LA3ccwd1ZldJ4TqHbPkR5iYCC4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230202010859BFEFF3923C513B05CB3C
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bb4b615e8dde47d954d065cc4ac0b10467822a2c0d3ed4cfabd165f9f0da006d89cf2449af2d55c5a30dd38a22780b648b60764321e54af466f4d296eab623a1e87fc162bdb8ec797f1f134886e7fcca3
x-origin-response-time: 71,23.217.116.151
x-akamai-request-id: 3d488d0.4e5612b7
expires: Thu, 02 Feb 2023 01:09:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 02 Feb 2023 01:09:00 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=71, inner; dur=20
x-parent-response-time: 162,95.101.10.109
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3e4ef294e427dbd856853cbc0d4c663
062b9217afb6a661a4e71598d919d0baadc41143
ba5e7d77b810caf885ae1ebdc1d464e397e08445e1cbac0a8b6665d5624e291b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: max-age=153120
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63daaa43-1d7"
Expires: Fri, 03 Feb 2023 19:41:00 GMT
Last-Modified: Wed, 01 Feb 2023 18:06:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 597ubMJZ1JHzmhJlkyP9Dk8Mz6OHX2mgfPXV067TuFWBN9yXF06LVqqf7wDSTZMGP3c/B2TXuqvuH3waZMOV4g==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 01:09:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid=

107.178.244.119

200 OK

689 B

URL HTTP/2
beacon.sojern.com/pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid=
IP
107.178.244.119:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
689 B (689 bytes)
Hash
2d17da5121c78d4da0a00c7fba2d7e17
d68c18902dc23cf15f3ca52d8fe67b1eb6e21284
45e690c13829dfa531e7890cb62fb7a98699f64bda912a79c940ed3be0376164

HTTP Headers

GET /pixel/p/202252?f_v=v6_js&p_v=1&vid=air&cid= HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=f27b235c-8352-78d1-fc19-c9ce87e7a88e#1675900800000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Thu, 02 Feb 2023 01:09:00 GMT
content-length: 689
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Last-Modified: Wed, 01 Feb 2023 23:57:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
30840175a6c3108eeb657082dccbc8f7
18b29ac8f85bed81d2fcfaabd668c1ab668217ef
432fc47e2d4f61bb0f959ce139ddd0841a358eb1e4e374a97a607b1a4b487d68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6044
Cache-Control: max-age=144877
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63da887d-1d7"
Expires: Fri, 03 Feb 2023 17:23:37 GMT
Last-Modified: Wed, 01 Feb 2023 15:42:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925

64.233.162.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&gjid=19537134&_gid=714678678.1675300164&_u=YCDAgEABAAAAAEAAI~&z=564214925 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.philippineairlines.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-EZ0JCH24VV&gtm=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-EZ0JCH24VV&gtm=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-EZ0JCH24VV&gtm=2oe210&_p=39546105&cid=735588971.1675300163&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675300163&sct=1&seg=0&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&dt=Passenger%20Safety%20Information&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_structure=PR%7CNOT_SET%7CNOT_SET%7CPortal&ep.content_group=Portal&ep.market_language=NOT_SET-NOT_SET HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: null
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js-agent.newrelic.com/569.95d4308d-1222.js

151.101.66.137

200 OK

3.2 kB

URL HTTP/2
js-agent.newrelic.com/569.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7513), with no line terminators
Size
3.2 kB (3173 bytes)
Hash
8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d

HTTP Headers

GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 611
x-timer: S1675300140.251646,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2

js-agent.newrelic.com/620.95d4308d-1222.js

151.101.66.137

200 OK

1.3 kB

URL HTTP/2
js-agent.newrelic.com/620.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2989), with no line terminators
Size
1.3 kB (1342 bytes)
Hash
7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f

HTTP Headers

GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 162705
x-timer: S1675300140.251759,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2

js-agent.newrelic.com/457.95d4308d-1222.js

151.101.66.137

200 OK

2.0 kB

URL HTTP/2
js-agent.newrelic.com/457.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4809), with no line terminators
Size
2.0 kB (1953 bytes)
Hash
09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046

HTTP Headers

GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 610
x-timer: S1675300140.252178,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2

js-agent.newrelic.com/41.95d4308d-1222.js

151.101.66.137

200 OK

439 B

URL HTTP/2
js-agent.newrelic.com/41.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (828), with no line terminators
Size
439 B (439 bytes)
Hash
46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544

HTTP Headers

GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 619
x-timer: S1675300140.252409,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2

js-agent.newrelic.com/244.95d4308d-1222.js

151.101.66.137

200 OK

2.6 kB

URL HTTP/2
js-agent.newrelic.com/244.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6871), with no line terminators
Size
2.6 kB (2607 bytes)
Hash
f3fa38d9e10cf246f158644ebd64b342
c2730a8b130475b903b30148ea5cf79eb7de1873
6aea0ff08f0ed145b42d52f81d167df30a300f3da22b687fa2de3be48df1badb

HTTP Headers

GET /244.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: HqAuLbtc4kLXjp/HM/sZyPqsDbRk1eMZXQl1gAv0l9/yRrGf//JiuVcahDTT5bis4NqiPxfG4OQ=
x-amz-request-id: D866GB1QGPTYVJ4R
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "a24fd7e602a6b44ab4c03cab69c843c6"
x-amz-version-id: wm7C04ehQ1WMJgMW5R_.Vg0x6NJINoji
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 437
x-timer: S1675300140.252597,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2607
X-Firefox-Spdy: h2

js-agent.newrelic.com/736.95d4308d-1222.js

151.101.66.137

200 OK

2.1 kB

URL HTTP/2
js-agent.newrelic.com/736.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4688), with no line terminators
Size
2.1 kB (2132 bytes)
Hash
a0dd1bd64e5912ed2b69ab00c181333c
9f4001e3f6c7fd3105972022cde6a67638ba8083
2ea47cc022696e899accbc531bbb7e3abc01f1598cedaa9f23e071d47ee510a0

HTTP Headers

GET /736.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: wZ5lT7Qk1E9hmsxWDncLcs+Ic+aBtWHWGPUcVxaeVym/k+6uixaPTXfOiP+keWUZ+GKP0xL2SDo=
x-amz-request-id: MFESCF9VXQC5P35J
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "def1dc24974c16a4e78c08e349b92860"
x-amz-version-id: i.8rfLhEckzO44oBXwNAK9an0lbXu.5p
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 436
x-timer: S1675300140.252802,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2132
X-Firefox-Spdy: h2

js-agent.newrelic.com/142.95d4308d-1222.js

151.101.66.137

200 OK

880 B

URL HTTP/2
js-agent.newrelic.com/142.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2014), with no line terminators
Size
880 B (880 bytes)
Hash
c962fb555005bf74b5010cd5c748c721
5c7c22b348a994aad18e8162bb1f78b9fd49c491
077c18d946bf505b4efe75b1b3c3d9c6b3ad6af3e5b5d08a41fedf7aceb84233

HTTP Headers

GET /142.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: /ZtX43ynOvSaYlrJ/LhlDymHqsr4/Ext49IQ1RQZxLK2MPDMHv59yC5Li6+9oNRuTnKxUqkvJhI=
x-amz-request-id: MFEMFHWSJ1CY7RPR
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "082c9f0a95ce6870ed4d9266fa0e41e5"
x-amz-version-id: ed_.QNbbUDaLQJRSZtC0TghsoJcp2gVk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 435
x-timer: S1675300140.253012,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 880
X-Firefox-Spdy: h2

js-agent.newrelic.com/466.95d4308d-1222.js

151.101.66.137

200 OK

2.8 kB

URL HTTP/2
js-agent.newrelic.com/466.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6842), with no line terminators
Size
2.8 kB (2760 bytes)
Hash
0545743760ba9995e8efbe879105162f
889887ac56edaf2cfe41752ec0893a9ac5d23db0
91a431e85d69e797b8a8817bb15aee94a9fbe38355a6890f75e8947a55386ee0

HTTP Headers

GET /466.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Y3xfvlvSw36CE9GOKklvJeG0iBkCsl/ss+e4vNwZhrKvjIdjtQLayCw3yQPVxbIyEllIzLdCgUw=
x-amz-request-id: MFEHC9QF926X2AZG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "2b339e4b3b0435de10496ee00de8446a"
x-amz-version-id: joCLqMlafBXUuB094SKQ5Jhlrbz7F.ON
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 439
x-timer: S1675300140.253826,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2

js-agent.newrelic.com/885.95d4308d-1222.js

151.101.66.137

200 OK

5.9 kB

URL HTTP/2
js-agent.newrelic.com/885.95d4308d-1222.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (16348), with no line terminators
Size
5.9 kB (5930 bytes)
Hash
2414f7dbfd0e2cb3d826fc02a8b608dc
550db9b7abbcd2e5a0d4ab9c414933e1a0bd36fc
8239519b8bff793ad186f4ab9017f8a6ed34edc1df3361958075077ee7677b3d

HTTP Headers

GET /885.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: iuZsFv406u1sMvs0ma20vGvuMApZWTFFZj+faC5P7Ry157RP7v+m+H8/pYueXH7fkGpYpHbtGFk=
x-amz-request-id: 99ZMGE3ZKMAWH9CW
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "fb9bb822463bccec4200657d3ae33dc0"
x-amz-version-id: PKmhKUoshrjILDxYc6QEKM_sGJ.F4FNB
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 01:09:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 356
x-timer: S1675300140.257942,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5930
X-Firefox-Spdy: h2

cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723

184.24.45.54

200 OK

145 B

URL HTTP/1.1
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723
IP
184.24.45.54:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
51ffab2dae01f73351cdd777ad5a9b55
eb1d559ccc3091981b5bd0938614e512c96f0acb
a15a6cdd68a35a2e623ac841e4f41e53d34fed52bdabcd03535f3c56291db747

HTTP Headers

GET /v2/advertiser?referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&buyer_pixel_id=7723 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 145
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.philippineairlines.com
Observe-Browsing-Topics: ?1
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 02 Feb 2023 01:09:00 GMT
Connection: keep-alive
Set-Cookie: ar_debug=1; Path=/; HttpOnly; Secure; SameSite=None

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh

142.250.74.66

302 Found

305 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
305 B (305 bytes)
Hash
57c358e5a2df21c88b1ccbade98ad05b
8950d16cb78f99a451e0618f1f597a52be7d63ab
5883727a273a80396cd6bdb12e5c9b6ba1465a6df00e756f8a47d633c8fc2961

HTTP Headers

GET /pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern_adh&google_tc=
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151

142.250.74.66

302 Found

461 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
461 B (461 bytes)
Hash
06c82b053a1020475d245cf0ee06c5c2
3ecd7dbbf6575b3bf15a24a82592b7160c588b6b
b93d556dbcd29efafc8670e05ce8cba944e860019a42db0182e4e4e64b5b7230

HTTP Headers

GET /pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=8nsjXINSeNH8GcnOh-eojg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&sjrn_ula=804690151&google_tc=
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
24950356b9ba22c68c8329ac11676acb
717cd8246b76be38b1724f4e5bf94a9882753dc0
2ab90289346a1cc74365abc23a68dd955a7dae484ce60d1af941d32f11deb15e

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:05:06 GMT
ETag: "717cd8246b76be38b1724f4e5bf94a9882753dc0"
Last-Modified: Wed, 01 Feb 2023 22:05:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3023
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f09f55ac90afe-OSL

ad.doubleclick.net/ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

142.250.74.166

302 Found

0 B

URL HTTP/2
ad.doubleclick.net/ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ddm/activity/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9319396;type=sales;cat=apacp000;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 01:24:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/966283696/?random=1675300163224&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&data=origin%3Dorigin_name%3Bdestination%3Ddestination_name&fmt=3&is_vtc=1&random=377853377&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/944265347/?random=1675300163221&cv=11&fst=1675299600000&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&tiba=Passenger%20Safety%20Information&fmt=3&is_vtc=1&random=4293755496&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM

37.252.172.123

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
IP
37.252.172.123:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
AN-X-Request-Uuid: aa5a12fa-0168-470a-9e87-5af646f0c985
Set-Cookie: uuid2=7310102132013593313; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 01:09:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33578163-14&cid=735588971.1675300163&jid=121597104&_u=YCDAgEABAAAAAEAAI~&z=790347718 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 01:09:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1

15.197.193.217

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9

2.18.173.43

200 OK

23 B

URL HTTP/2
t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9
IP
2.18.173.43:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
23 B (23 bytes)
Hash
da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

HTTP Headers

GET /track?action=pageView&env=js-gtm&tag_version=6.12.0_51a1e72&buyer_pixel_id=7723&referer=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&user_session_id=e71cf1c9-731a-441e-9721-c945742a7de9 HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 02 Feb 2023 01:09:00 GMT
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060

91.228.74.244

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060
IP
91.228.74.244:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1310329938;labels=_fp.event.Default;rf=0;a=p-mGmUBQ3MT3uua;url=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1602942749-1675300163982;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=philippineairlines.com;dst=0;et=1675300164307;tzo=0;ogl=;ses=80a7705c-db32-4f25-993e-ceff4969a060 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EKEBBgGZKAISAYWaqA2e6bRu; expires=Wed, 03-May-2023 01:09:00 GMT; path=/; domain=.quantserve.com
mc=63db0d2c-84175-4aef8-87bf4; expires=Mon, 04-Mar-2024 01:09:00 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM

37.252.172.123

302 Found

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
IP
37.252.172.123:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=0VTPxKKf1nNV6oH9DUkVuKKU9vKPjpOhuR4htMLqw-yY1jN0NxN07_Jl4XkZlQGM
AN-X-Request-Uuid: 10c70991-70cd-4753-a2a5-b63d3d6fd10d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1754058a09fa4d4bbf93d1f4920581d5
1d74b1487c2fb5fad94274e1752d6f58cec50f15
d02645f2c58085bffee957f746009c8a7aa3d20a28a4f3f909c8de8f5d174b50

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5085
Cache-Control: max-age=121215
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:09:00 GMT
Etag: "63da2fce-1d7"
Expires: Fri, 03 Feb 2023 10:49:15 GMT
Last-Modified: Wed, 01 Feb 2023 09:24:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken

185.221.85.3

200 OK

77 B

URL HTTP/1.1
bam.eu01.nr-data.net/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken
IP
185.221.85.3:0
ASN
#206998 New Relic International Limited

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3389&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub&ap=62&be=1359&fe=1034&dc=962&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675300160799,%22n%22:0,%22f%22:295,%22dn%22:317,%22dne%22:319,%22c%22:319,%22s%22:337,%22ce%22:382,%22rq%22:382,%22rp%22:1181,%22rpe%22:1181,%22dl%22:1188,%22di%22:2201,%22ds%22:2321,%22de%22:2324,%22dc%22:2392,%22l%22:2392,%22le%22:2403%7D,%22navigation%22:%7B%7D%7D&fcp=1633&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 792f09f6c9902d74-ARN
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtAJK9t9UiGaYK8YgEbSSxcKNeOp6aAoCeF7zB0RYniP94A5I4m9BvjI6FxUf1CB9C2vo3aezfGestYSGD6Yn%2BgxsaA2Q5X9EhxVgK%2BK5xSf0llyge15%2F7JXkWUyuRmS6KBIwWx8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

bam.eu01.nr-data.net/events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub

185.221.85.3

200 OK

24 B

URL HTTP/1.1
bam.eu01.nr-data.net/events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub
IP
185.221.85.3:0
ASN
#206998 New Relic International Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-298e0b06aa0523f534a?a=411328603&v=1222.PROD&to=MhBSZQoZXUZXVRdZDgtafWc7V2BcQlMAXxMANl9fDApcWVpTER8oCxFVSQ%3D%3D&rst=3801&ck=0&s=09c01a9238a81300&ref=https://www.philippineairlines.com/covid-information-hub HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 193
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 01:09:00 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 792f09f789dd2d74-ARN
Access-Control-Allow-Origin: https://www.philippineairlines.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-envoy-upstream-service-time: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLpLn8pIf9zaxJSkKkpwQOGj%2BB0%2B7KJxqeIXbIkvIxAJbC2wAsGcYYsC2%2FN%2B2zPrrpUGYZ%2Flnym4S%2BJXL2xW4lKWl1oSgdxHOMnN1gVYXOtl0T7oGAp%2BdTl%2Ba4xItDQrXrUK724o"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

www.facebook.com/tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=552535698226720&ev=PageView&dl=https%3A%2F%2Fwww.philippineairlines.com%2Fcovid-information-hub&rl=&if=false&ts=1675300164645&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675300164644.1807098767&it=1675300163990&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 02 Feb 2023 01:09:00 GMT
X-Firefox-Spdy: h2

s.yimg.jp/images/listing/tool/cv/conversion.js

183.79.249.124

200 OK

2.1 kB

URL HTTP/2
s.yimg.jp/images/listing/tool/cv/conversion.js
IP
183.79.249.124:0
ASN
#24572 Yahoo Japan

File type
ASCII text, with very long lines (5916), with no line terminators
Size
2.1 kB (2140 bytes)
Hash
7f0c66912062f79b500f784ef684772c
593e742f13af825a35b6f53a31ff9c7f657e1577
a2fa9e94110a358da7f9597072da76a107b72ef8700a7626a21cbbb216d51bdf

HTTP Headers

GET /images/listing/tool/cv/conversion.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 02 Feb 2023 01:04:58 GMT
vary: Accept-Encoding
last-modified: Tue, 25 Jan 2022 16:25:04 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
age: 243
content-length: 2140
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2

ssocsp.cybertrust.ne.jp/OcspServer

153.127.216.172

200 OK

1.5 kB

URL HTTP/1.1
ssocsp.cybertrust.ne.jp/OcspServer
IP
153.127.216.172:0
ASN
#7684 SAKURA Internet Inc.

File type
data
Size
1.5 kB (1477 bytes)
Hash
4f9f1be787715c2272274518a5bf82c8
a0f97dc8afa81ee4a201e7a1d54ad3c7d698d11e
9d17fa60d599369d30a009e86fc7586bb6582ba8342a7d05d3ba60d0a2b9cb1a

HTTP Headers

POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 01:09:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2

ssocsp.cybertrust.ne.jp/OcspServer

153.127.216.172

200 OK

1.5 kB

URL HTTP/1.1
ssocsp.cybertrust.ne.jp/OcspServer
IP
153.127.216.172:0
ASN
#7684 SAKURA Internet Inc.

File type
data
Size
1.5 kB (1477 bytes)
Hash
4f9f1be787715c2272274518a5bf82c8
a0f97dc8afa81ee4a201e7a1d54ad3c7d698d11e
9d17fa60d599369d30a009e86fc7586bb6582ba8342a7d05d3ba60d0a2b9cb1a

HTTP Headers

POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 01:09:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2

b91.yahoo.co.jp/pagead/conversion_async.js

182.22.30.220

403 Forbidden

14 kB

URL HTTP/1.1
b91.yahoo.co.jp/pagead/conversion_async.js
IP
182.22.30.220:0
ASN
#23816 Yahoo Japan Corporation

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Size
14 kB (14275 bytes)
Hash
e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: b91.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Date: Thu, 02 Feb 2023 01:09:03 GMT
Connection: close
Server: ATS
X-Z-Chihaya: r=1
X-Frame-Options: SAMEORIGIN
Content-Length: 14275
Content-Type: text/html

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10807 bytes)
Hash
b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hhd99jugAUeT4SMDkgOSFkc9q5jWXE0qAq51OVq8ct4juyFrYH0IhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:23:30 GMT
age: 63935
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.philippineairlines.com/Styles/assets/fonts/icon-tiger-pal.ttf

13.107.237.53

200 OK

0 B

URL HTTP/2
www.philippineairlines.com/Styles/assets/fonts/icon-tiger-pal.ttf
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Styles/assets/fonts/icon-tiger-pal.ttf HTTP/1.1
Host: www.philippineairlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.philippineairlines.com/Styles/assets/css/styles.min.css?v=6
Connection: keep-alive
Cookie: ASLBSA=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000; shell#lang=en; ASP.NET_SessionId=5qe1v13c1agltgxfnbygmyq0; ARRAffinity=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ARRAffinitySameSite=48acf0709bf403e3643c99eaa23898057d24fe295bd6cb60b811b2a4ff6a671a; ASLBSACORS=00038b4115b63df4e4a01cee66f422e690f01c2c3b12ad74e5a7d112534009bc2000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-encoding: br
last-modified: Sat, 21 Jan 2023 12:10:04 GMT
accept-ranges: bytes
etag: "0f63d4b912dd91:0"
x-cache: TCP_HIT
request-context: appId=cid-v1:0933aa1f-36dd-4b32-a09d-5ae6f32dfbdc
x-azure-ref-originshield: 0hpraYwAAAADi2IaqlxohQqc3bqb1h0GCRlJBMjMxMDUwNDE3MDA5AGQ1MDA1Y2Y0LTdiZGMtNDgwNy1iZmZmLWZjZjJmNGYwOTk2NQ==
content-security-policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-served-by: My Servlet Handler
referrer-policy: same-origin
permissions-policy: geolocation=(),midi=(),sync-xhr=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
__qca: path=/; secure; HttpOnly; SameSite
_dlt: path=/; secure; HttpOnly; SameSite
_fbp: path=/; secure; HttpOnly; SameSite
_gcl_au: path=/; secure; HttpOnly; SameSite
cookietest: path=/; secure; HttpOnly; SameSite
aslbsacors: path=/; secure; HttpOnly; SameSite
aslbsa: path=/; secure; HttpOnly; SameSite
asp.net_sessionid: path=/; secure; HttpOnly; SameSite
shell#lang: path=/; secure; HttpOnly; SameSite
x-azure-ref: 0Kg3bYwAAAAASFuzKfyL4T6f85w5zQEHWQ1BIMzBFREdFMDQxNgBkNTAwNWNmNC03YmRjLTQ4MDctYmZmZi1mY2YyZjRmMDk5NjU=
date: Thu, 02 Feb 2023 01:08:58 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 01:08:58 GMT
date: Thu, 02 Feb 2023 01:08:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5

104.17.208.240

200 OK

0 B

URL HTTP/2
zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5
IP
104.17.208.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /SIE/?Q_ZID=ZN_6EuoNIJ6xwfaJG5 HTTP/1.1
Host: zn6euonij6xwfajg5-philippineairlines.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 792f09ef5f4d1c0a-OSL
access-control-allow-origin: *
age: 96788
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-EiZS7hB0asQ8MIR6VQPd7bkaysI"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.244

200 OK

0 B

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.244:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:09:00 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "j4o3/UzQJzEULY/aoGayAw=="
expires: Thu, 09 Feb 2023 01:09:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com

104.17.208.240

200 OK

0 B

URL HTTP/2
siteintercept.qualtrics.com/dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com
IP
104.17.208.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dxjsmodule/13.80b1174311323ca5c15d.chunk.js?Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web&Q_BRANDID=www.philippineairlines.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: application/javascript
cf-ray: 792f09ef8f571c0a-OSL
access-control-allow-origin: *
age: 89493
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"fcba-185c14f8808"
last-modified: Tue, 17 Jan 2023 19:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=64698
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web

104.17.208.240

200 OK

0 B

URL HTTP/2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web
IP
104.17.208.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6EuoNIJ6xwfaJG5&Q_CLIENTVERSION=1.83.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 134
Origin: https://www.philippineairlines.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:08:59 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 792f09f00f6a1c0a-OSL
access-control-allow-origin: https://www.philippineairlines.com
cache-control: must-revalidate, max-age=300
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 1ed48f79d0635685
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js

65.9.44.113

200 OK

0 B

URL HTTP/2
rules.quantcount.com/rules-p-mGmUBQ3MT3uua.js
IP
65.9.44.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rules-p-mGmUBQ3MT3uua.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 02:56:54 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Thu, 02 Feb 2023 01:09:00 GMT
cache-control: max-age=3600
etag: W/"97210bc5f59500202c11a50312b5e7d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: i3rdCLXa2_wm7NEqR7JIWpMoEFsCPNcooj68bFxN80rXAG8e_ffzVg==
age: 1332
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (69)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML