Audit Trail
Evidence record for domain check
Integrity Verified
Test Node Identity
{
"os": "Linux srv1440888 6.8.0-124-generic #124-Ubuntu SMP PREEMPT_DYNAMIC Tue May 26 13:00:45 UTC 2026 x86_64",
"hostname": "srv1440888",
"php_version": "8.3.32",
"server_ipv4": "76.13.221.142",
"server_ipv6": "2a02:4780:5e:2789::1"
}
Node Network Evidence
{
"profile": "dual_stack",
"enforcement_evidence": {
"egress_check": {
"v4_egress": "76.13.221.142",
"v6_egress": "2a02:4780:5e:2789::1"
},
"ip_routes_v4": "default via 76.13.221.254 dev eth0 proto static \n10.6.101.0/24 dev wg0 scope link \n10.6.102.0/24 dev wg0 scope link \n76.13.221.0/24 dev eth0 proto kernel scope link src 76.13.221.142 \n172.29.0.0/24 dev wg0 scope link \n",
"ip_routes_v6": "2a02:4780:5e::/48 dev eth0 proto kernel metric 256 pref medium\nfe80::/64 dev eth0 proto kernel metric 256 pref medium\ndefault via 2a02:4780:5e::1 dev eth0 proto static metric 1024 pref medium\n",
"sysctl_flags": {
"net.ipv6.conf.all.disable_ipv6": "0"
},
"nftables_summary": "unavailable or no permissions"
}
}
DNS Responses
A
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33450 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; ANSWER SECTION: nestle.com.my. 3600 IN A 75.2.65.169 nestle.com.my. 3600 IN A 99.83.129.68
DS
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37566 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; AUTHORITY SECTION: com.my. 2429 IN SOA e.nic.my. hostmaster.nic.my. 2026052755 1800 900 604800 3600
MX
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36409 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; ANSWER SECTION: nestle.com.my. 3600 IN MX 0 mail.nestle.com.my.
NS
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60042 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; ANSWER SECTION: nestle.com.my. 3600 IN NS amsdns1.nestle.com. nestle.com.my. 3600 IN NS aoadns1.nestle.com. nestle.com.my. 3600 IN NS ctrdns1.nestle.com. nestle.com.my. 3600 IN NS eurdns1.nestle.com.
TXT
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49615
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; ANSWER SECTION:
nestle.com.my. 3600 IN TXT "fastly-domain-delegation-nqw39wacxuxyeij3otxp-494497-2022-06-03"
nestle.com.my. 3600 IN TXT "google-site-verification=wHwSJJ32CwCbVAUxdgAhLaYL-kqw--3MsBY6siKKyfk"
nestle.com.my. 3600 IN TXT "_qg3mvkur3e51tr8nzlj3k4bs2upstc5"
nestle.com.my. 3600 IN TXT "lp5xw8rkfg04dd16wswbllc8dpglmc8w"
nestle.com.my. 3600 IN TXT "z9jr0q3fzlmwhpcr0bcsw2w761s1841d"
nestle.com.my. 3600 IN TXT "fastly-domain-delegation-bmTYqSeQhw-380028-2021-06-16"
nestle.com.my. 3600 IN TXT "facebook-domain-verification=53p6kykp2cl9pky9xj7v4lxyx75qvj"
nestle.com.my. 3600 IN TXT "v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all"
nestle.com.my. 3600 IN TXT "fastly-domain-delegation-atoqpvzxeyqtnux44iwx-498040-2022-06-17"
AAAA
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21026 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; AUTHORITY SECTION: nestle.com.my. 3593 IN SOA ctrdns1.nestle.com. nestlednsadmin.nestle.com. 2008112137 7200 900 1209600 3600
RRSIG
ctrdns1.nestle.com. nestlednsadmin.nestle.com. 2008112137 7200 900 1209600 3600
DNSKEY
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3460 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; AUTHORITY SECTION: nestle.com.my. 3593 IN SOA ctrdns1.nestle.com. nestlednsadmin.nestle.com. 2008112137 7200 900 1209600 3600
DNSSEC_VALIDATION
; unsigned answer nestle.com.my. 3592 IN SOA ctrdns1.nestle.com. nestlednsadmin.nestle.com. 2008112137 7200 900 1209600 3600
DNS Resolution Performance
Comparison of A (IPv4) vs AAAA (IPv6) query times across resolvers and transports. Shows median (p50) of 3 samples.
| Resolver | Transport | A (IPv4) | AAAA (IPv6) | Delta |
|---|---|---|---|---|
| System | Default | 20.97 ms (p95: 24.63) | 17.3 ms (p95: 32.51) | -3.7 ms |
| IPv4 | 35.98 ms (p95: 36.95) | 35.69 ms (p95: 38.09) | -0.3 ms | |
| IPv6 | 19.08 ms (p95: 20.92) | 21.08 ms (p95: 21.64) | +2 ms | |
| Cloudflare | IPv4 | 9.95 ms (p95: 13.87) | 12.79 ms (p95: 21.68) | +2.8 ms |
| Cloudflare | IPv6 | 31.7 ms (p95: 38.02) | 22.76 ms (p95: 39.45) | -8.9 ms |
TLS Handshake Details
{
"ipv4": {
"ip_used": "99.83.129.68",
"ip_version": 4,
"raw_handshake": "depth=2 C = GB, O = Sectigo Limited, CN = Sectigo Public Server Authentication Root R46\nverify return:1\ndepth=1 C = AT, O = ZeroSSL GmbH, CN = ZeroSSL RSA DV SSL CA 2\nverify return:1\ndepth=0 CN = nestle.com.my\nverify return:1\nCONNECTED(00000010)\n---\nCertificate chain\n 0 s:CN = nestle.com.my\n i:C = AT, O = ZeroSSL GmbH, CN = ZeroSSL RSA DV SSL CA 2\n a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256\n v:NotBefore: Jun 29 00:00:00 2026 GMT; NotAfter: Sep 27 23:59:59 2026 GMT\n-----BEGIN CERTIFICATE-----\nMIIFijCCA/KgAwIBAgIRANJnH1P5qSNfk5ktAxoMdvcwDQYJKoZIhvcNAQELBQAw\nRjELMAkGA1UEBhMCQVQxFTATBgNVBAoTDFplcm9TU0wgR21iSDEgMB4GA1UEAxMX\nWmVyb1NTTCBSU0EgRFYgU1NMIENBIDIwHhcNMjYwNjI5MDAwMDAwWhcNMjYwOTI3\nMjM1OTU5WjAYMRYwFAYDVQQDEw1uZXN0bGUuY29tLm15MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAtkIgNQtnwV+mSNmod94/KQ//z0rNT1oyzyMnOFNe\nE4rvdwqAKzUPp3bdOUsYk3VAuwCOuaFP0Z3ARgfwFjUSnO5DYrhsLeTcdYLp4oER\n5sFy5vcAqBsg46LPdmI9pSLmovLxJdhptNIs8ymxo0OjG7Uef7t279VPa4GiGD4e\nJNu4UGT/iTWP25ydHnkNuV+xXf2W1aF0OS22W/79SWEt4Z5AqgPVt6iEkg+AAdIH\n1g7ui1tiR5U1ExAMBFhRko8BnPNz9UTQ3VBZML2NMrTl3idqTifrU5cIr/CaY2fb\n2keRBupEF9fqsbmboDX4ohog3mJzgQGQ+nUG1nTAWFhFWQIDAQABo4ICHzCCAhsw\nHwYDVR0jBBgwFoAUS776doQjRAS5zr4xb+n1Mgb/DFcwHQYDVR0OBBYEFFANF/9z\nyUT22Zj9ILPcYsmOXWR1MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMBMG\nA1UdJQQMMAoGCCsGAQUFBwMBMBMGA1UdIAQMMAowCAYGZ4EMAQIBMG4GCCsGAQUF\nBwEBBGIwYDA5BggrBgEFBQcwAoYtaHR0cDovL2NydC5zZWN0aWdvLmNvbS9aZXJv\nU1NMUlNBRFZTU0xDQTIuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0\naWdvLmNvbTCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ANdtfRDRp/V3wsfpX9cA\nv/mCyTNaZeHQswFzF8DIxWl3AAABnxC33EQAAAQDAEgwRgIhAKo2qsCdGBSBa3ng\njRpIb7DbumN9lXO0ucKCndb9wNDPAiEAuBykel2TshglJSgeSXi4647xsReOqwzx\nfAnYNoM1WNoAdgDIo8R/x7OtuTVrAT9qehJt4zpOQ6XGRvmXrTl1mR3PmgAAAZ8Q\nt9w7AAAEAwBHMEUCICCjQ5mWyt5BaF1w/Qg4vzjNaCENZ8DzUyu0wDSJKBOEAiEA\ntTkmVL2BfiYakf668CR2jlv4QuLcpW8G9wcPACqBHsQwGAYDVR0RBBEwD4INbmVz\ndGxlLmNvbS5teTANBgkqhkiG9w0BAQsFAAOCAYEACVVgmLZ1oDPMjhFFEDE6UrBU\nHI5VtfUBn41vzN2Q+Z3x0stiuXE2Ztl6D6pA8/7TTgGloZTIfCEf84PC7q+Qp/IQ\nXTnAQF99lU37Kt17DUvks/L1wrrOqCfy9msRfsWHSjo5u1E5uk3PRAtxufveQouz\nghaE+BBsOIXr7ornluxkY6s1ceRuRQSeOezUSYwNumtAaNlVlo2XM/xerr9dfd1p\nTgXjVZy7owVx8OUot2+EOk5pbZI8MqLX4VXMa6D3jRC6nA2GYA+nsCO4jW8DNLRV\nSABrdjCl/RKbBFu/quepFKTZ6bcMWREzGfC50OQUZcFLliy/psWhxMMfE1NvAxCN\nP2iyDmbqncArot84TYicpiNq1f5dGoum/8m4i5D/zgRQwGFSOlfju2+dbYoDpEGt\npAf7ExvxNa3tx2aOyI2UsDwa0VeRh1lf1hrSyIr97Xg44ztgbZcKY/n4EGE6a13t\nd1DMpuvF1dPE4U7NmBkD5TCc74zh7FD2lW+xZOLL\n-----END CERTIFICATE-----\n 1 s:C = AT, O = ZeroSSL GmbH, CN = ZeroSSL RSA DV SSL CA 2\n i:C = GB, O = Sectigo Limited, CN = Sectigo Public Server Authentication Root R46\n a:PKEY: rsaEncryption, 3072 (bit); sigalg: RSA-SHA384\n v:NotBefore: Sep 24 00:00:00 2025 GMT; NotAfter: Sep 23 23:59:59 2035 GMT\n-----BEGIN CERTIFICATE-----\nMIIGITCCBAmgAwIBAgIRANCpCCVfjlDl8zltERRwKjcwDQYJKoZIhvcNAQEMBQAw\nXzELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE2MDQGA1UE\nAxMtU2VjdGlnbyBQdWJsaWMgU2VydmVyIEF1dGhlbnRpY2F0aW9uIFJvb3QgUjQ2\nMB4XDTI1MDkyNDAwMDAwMFoXDTM1MDkyMzIzNTk1OVowRjELMAkGA1UEBhMCQVQx\nFTATBgNVBAoTDFplcm9TU0wgR21iSDEgMB4GA1UEAxMXWmVyb1NTTCBSU0EgRFYg\nU1NMIENBIDIwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCnXX3Qm/G+\nujylvYIkhJ53ZZ7XM03vXY03sCnO9VWjwMsV0qCQMlvhuRiJwrm4M5jgGehxIiCR\n1qT0AyL2rHTWJR07vjJzuNmp7uoKu3HKwixBk9QuXD5aliO8/EDbzdZDcG/Hm5pC\nmOeusLtds/UE/Iq24nw5WpcgZE5Ly+F/yCYDuEa7hXLJAPM5SecJIblG1OQ3ukMl\nHHNBbDxBpGWTyDudd0DTed0NTgCPs1t8RZPhW9Gt/8nDwFX0pQ4eHfPEB8c6eNl2\nsRr2Afp1YErakR+53yEX2SXc2Kz0fbTlUc+To0ULGcJiWNyZwj//DTZ+M4xxsT2T\nqjQ4Xfvm2EUTymrXDrh1Pm/wkBouu860c6eeQfNlKlccUyHOSeKCtPIWreMvH3Be\nYdeu3DwI8lefn/VUhSB2Bbz7hX3qz3oMmtSTmWhTnobyKlx1L2b/oloaqpy1cBc/\nQiLRSOptYGPjZtX0pRrTVKQXeP2rPUk0y5q/40WRpugSlHCX6aceWnsCAwEAAaOC\nAW8wggFrMB8GA1UdIwQYMBaAFFZzWGSV+ZIasBIqBGJ5oUAViCFJMB0GA1UdDgQW\nBBRLvvp2hCNEBLnOvjFv6fUyBv8MVzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/\nBAgwBgEB/wIBADATBgNVHSUEDDAKBggrBgEFBQcDATATBgNVHSAEDDAKMAgGBmeB\nDAECATBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vY3JsLnNlY3RpZ28uY29tL1Nl\nY3RpZ29QdWJsaWNTZXJ2ZXJBdXRoZW50aWNhdGlvblJvb3RSNDYuY3JsMIGEBggr\nBgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20v\nU2VjdGlnb1B1YmxpY1NlcnZlckF1dGhlbnRpY2F0aW9uUm9vdFI0Ni5wN2MwIwYI\nKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMA0GCSqGSIb3DQEBDAUA\nA4ICAQCJ/3v2/vdexHsdVyXL9aCTQE01YXl23866TVM/LgRpRW+kneZXXZxP0hy4\nGnvlqUcxTq97B6qPdQcQxQxpGne7CRn0nWauzqieMcJzYl3fDC2Q/ANyPhyrbwCI\nzx9EsRrgfjvuJCaUMtlfYpKqBUYiPOCPAN0HdrLD5hU6oV1tvWVsUzTA43skC3uH\nwQM5YPIk0NDJFw3NhQPOIOwbq09T+SYSEZvsJ3t4sA4H3gh03RETNaAwTcTNS/+u\n1tAeQUZZmKQyLWYLyoxvbISp/MFr9xqhDqrpAurYVNeiLJ5+4/WZPml20yNZjcxV\nKKqRYdEurl8rmI2toCnCDWiEcTDvoYGtz60eYIt7VJID4DrCjTxAWTWh2T5ag2pK\nryNJGt8BFGLtjeD774SxAFn5MGYBVvEK4LXmCjVX78pb6/0Dceo71dlQUK68yftb\n+yTeyoqjwgk2L8vNSrkj6UTkvvqXSONFuVU7bvC0O/9bi5MXBv7QUivMNxDsTtaT\nIZO7PsSCRmLraQM2EPBgbNL9lRSEYi4Hj+NicT/e87pbhv88k0oec9xGcnkcvZpN\nsJBz78mkZfeFIIjh02e2y9ke/Fqw1FbdhHtU2myaFnX0sRyGLmI/vzXSwyvT+Kxl\nWx8FV64z2PBdwd0vXRaAMXomGC0M1vQa5fBDn4dimzewsSiphQ==\n-----END CERTIFICATE-----\n 2 s:C = GB, O = Sectigo Limited, CN = Sectigo Public Server Authentication Root R46\n i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority\n a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA384\n v:NotBefore: Mar 22 00:00:00 2021 GMT; NotAfter: Jan 18 23:59:59 2038 GMT\n-----BEGIN CERTIFICATE-----\nMIIGlTCCBH2gAwIBAgIRANJ/u8HeNZ5SFq1hSVhgmcQwDQYJKoZIhvcNAQEMBQAw\ngYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK\nZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD\nVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIx\nMDMyMjAwMDAwMFoXDTM4MDExODIzNTk1OVowXzELMAkGA1UEBhMCR0IxGDAWBgNV\nBAoTD1NlY3RpZ28gTGltaXRlZDE2MDQGA1UEAxMtU2VjdGlnbyBQdWJsaWMgU2Vy\ndmVyIEF1dGhlbnRpY2F0aW9uIFJvb3QgUjQ2MIICIjANBgkqhkiG9w0BAQEFAAOC\nAg8AMIICCgKCAgEAk77VNlJ12AEjoBxHQknuY7a3If3EldVIKyZ8FFMQ2nn9K7ct\npNQs+uoy3UnCub0PSD17WphUr55dMXRPB/xQId2kz2hPGxJjbSWZTCqZ80gwYfqB\nfB6nCErcPiscHxhMcao1jK34bug7StnllALWiYQTqm3ITzPMUJY3kjPcX4jnn1TZ\nSPCYQ9Zm/Z8XOEPFAVEL1+MjDxRdWxTnS77d9MjaAzfR1jmhIVEwg7Bt1zBOlluR"
},
"ipv6": {
"ip_used": "2606:4700::6811:51bb",
"ip_version": 6,
"raw_handshake": "40A7E93FB9790000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1599:SSL alert number 40\nCONNECTED(00000010)\n---\nno peer certificate available\n---\nNo client certificate CA names sent\n---\nSSL handshake has read 7 bytes and written 315 bytes\nVerification: OK\n---\nNew, (NONE), Cipher is (NONE)\nSecure Renegotiation IS NOT supported\nCompression: NONE\nExpansion: NONE\nNo ALPN negotiated\nEarly data was not sent\nVerify return code: 0 (ok)\n---"
}
}
HTTP Response Headers
{
"v4_http": {
"http_code": 403,
"curl_error": null,
"primary_ip": "104.17.82.187",
"total_time_ms": 845.45,
"connect_time_ms": 5.63,
"response_headers": {
"0": "HTTP/1.1 301 Moved Permanently",
"1": "Content-Type: text/html; charset=UTF-8",
"2": "Connection: keep-alive",
"3": "Date: Fri, 03 Jul 2026 19:48:21 GMT",
"4": "Location: https://www.nestle.com.my",
"5": "Access-Control-Allow-Origin: http://nestle.com.my",
"6": "Access-Control-Allow-Methods: GET, POST",
"8": "HTTP/2 403",
"9": "date: Fri, 03 Jul 2026 19:48:22 GMT",
"10": "content-type: text/html; charset=UTF-8",
"11": "content-length: 40483",
"12": "accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA",
"13": "cf-mitigated: challenge",
"14": "x-frame-options: SAMEORIGIN",
"15": "server: cloudflare",
"16": "critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA",
"17": "cross-origin-embedder-policy: require-corp",
"18": "cross-origin-opener-policy: same-origin",
"19": "cross-origin-resource-policy: same-origin",
"20": "origin-agent-cluster: ?1",
"21": "permissions-policy: accelerometer=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=*",
"22": "referrer-policy: same-origin",
"23": "server-timing: chlray;desc=\"a15868461943a559\"",
"24": "x-content-type-options: nosniff",
"25": "strict-transport-security: max-age=31536000",
"26": "cf-ray: a15868461943a559-KUL"
},
"starttransfer_time_ms": 845.36
},
"v6_http": {
"http_code": 301,
"curl_error": "Could not resolve host: nestle.com.my",
"primary_ip": "2606:4700::6811:51bb",
"total_time_ms": 28.86,
"connect_time_ms": 1,
"response_headers": [
"HTTP/1.1 301 Moved Permanently",
"Date: Fri, 03 Jul 2026 19:48:21 GMT",
"Content-Type: text/html; charset=UTF-8",
"Connection: keep-alive",
"Location: https://nestle.com.my/",
"Server: cloudflare",
"CF-RAY: a1586840afe764ad-KUL"
],
"starttransfer_time_ms": 27.59
},
"v4_https": {
"tls": {
"protocol": 0,
"certificates": [
{
"Cert": "-----BEGIN CERTIFICATE-----\nMIIDizCCAxGgAwIBAgISBmIawHpAo39iAKY9z7ep9lGSMAoGCCqGSM49BAMDMDIx\nCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF\nNzAeFw0yNjA1MTExMDE2NDVaFw0yNjA4MDkxMDE2NDRaMBwxGjAYBgNVBAMTEXd3\ndy5uZXN0bGUuY29tLm15MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsrJEt2vf\noWzmJuDblOUdUm/1HMN/Ei1hep8BAjfUn1CiUnbv5dEu7QpQCMfPcTWdDSPOgYuK\nae3/hmadnavOZqOCAhswggIXMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggr\nBgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSXL9YOk7bnHU9LxLKDoZcu\ni6+9SzAfBgNVHSMEGDAWgBSuSJ7chx1EoG/aouVgdAR4wpwAgDAyBggrBgEFBQcB\nAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNy5pLmxlbmNyLm9yZy8wHAYDVR0R\nBBUwE4IRd3d3Lm5lc3RsZS5jb20ubXkwEwYDVR0gBAwwCjAIBgZngQwBAgEwLQYD\nVR0fBCYwJDAioCCgHoYcaHR0cDovL2U3LmMubGVuY3Iub3JnLzE5LmNybDCCAQoG\nCisGAQQB1nkCBAIEgfsEgfgA9gB9AEavhj07PuWfpXfeqCRdNrDZ7SKiI/Rhd0Ei\nlFLulVBfAAABnha/mJIACAAABQAGSx4fBAMARjBEAiAK+TVgyC0pr99kFEMtumh4\nFSoRQw74LIku1FPghyjsegIgXlT5I+OJA2e3yYSkXg8GnL7D9rfkq5b0UQo1nvDu\nfyoAdQCvZ4g7V7BO3Y+m2X72LqjrgQrHcWDwJF5V1gwv54WHOgAAAZ4Wv5lJAAAE\nAwBGMEQCIBIqxAxxkYE8nASSA/yYvpz6dTwMvFn9VSzYXhP5e78XAiAjh8U8mb29\nOH/sg6hZhTEgYHRPWIEBZ8MvemhVxt4NujAKBggqhkjOPQQDAwNoADBlAjEAtMdq\nFR6jn3kGuNmBFyUoEeU3UGQWRcuhE6crqQvlFlQ3aaFSoN3AcqtnnHY+l8JaAjBB\nYFoOjI/u57TVqqYCPyVsqMCENFXJunJPTcPMvhhGjRSHga3Qno7tKfgofw14H8Q=\n-----END CERTIFICATE-----\n",
"Issuer": "C = US, O = Let's Encrypt, CN = E7",
"Subject": "CN = www.nestle.com.my",
"Version": "2",
"Signature": "30:65:02:31:00:b4:c7:6a:15:1e:a3:9f:79:06:b8:d9:81:17:25:28:11:e5:37:50:64:16:45:cb:a1:13:a7:2b:a9:0b:e5:16:54:37:69:a1:52:a0:dd:c0:72:ab:67:9c:76:3e:97:c2:5a:02:30:41:60:5a:0e:8c:8f:ee:e7:b4:d5:aa:a6:02:3f:25:6c:a8:c0:84:34:55:c9:ba:72:4f:4d:c3:cc:be:18:46:8d:14:87:81:ad:d0:9e:8e:ed:29:f8:28:7f:0d:78:1f:c4:",
"Start date": "May 11 10:16:45 2026 GMT",
"Expire date": "Aug 9 10:16:44 2026 GMT",
"Serial Number": "06621ac07a40a37f6200a63dcfb7a9f65192",
"X509v3 Key Usage": "Digital Signature",
"Signature Algorithm": "ecdsa-with-SHA384",
"Public Key Algorithm": "id-ecPublicKey",
"CT Precertificate SCTs": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:\n D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F\n Timestamp : May 11 11:15:15.730 2026 GMT\n Extensions: 00:00:05:00:06:4B:1E:1F\n Signature : ecdsa-with-SHA256\n 30:44:02:20:0A:F9:35:60:C8:2D:29:AF:DF:64:14:43:\n 2D:BA:68:78:15:2A:11:43:0E:F8:2C:89:2E:D4:53:E0:\n 87:28:EC:7A:02:20:5E:54:F9:23:E3:89:03:67:B7:C9:\n 84:A4:5E:0F:06:9C:BE:C3:F6:B7:E4:AB:96:F4:51:0A:\n 35:9E:F0:EE:7F:2A\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : AF:67:88:3B:57:B0:4E:DD:8F:A6:D9:7E:F6:2E:A8:EB:\n 81:0A:C7:71:60:F0:24:5E:55:D6:0C:2F:E7:85:87:3A\n Timestamp : May 11 11:15:15.913 2026 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:12:2A:C4:0C:71:91:81:3C:9C:04:92:03:\n FC:98:BE:9C:FA:75:3C:0C:BC:59:FD:55:2C:D8:5E:13:\n F9:7B:BF:17:02:20:23:87:C5:3C:99:BD:BD:38:7F:EC:\n 83:A8:59:85:31:20:60:74:4F:58:81:01:67:C3:2F:7A:\n 68:55:C6:DE:0D:BA",
"X509v3 Basic Constraints": "CA:FALSE",
"X509v3 Extended Key Usage": "TLS Web Server Authentication",
"X509v3 Certificate Policies": "Policy: 2.23.140.1.2.1",
"Authority Information Access": "CA Issuers - URI:http://e7.i.lencr.org/",
"X509v3 Subject Key Identifier": "97:2F:D6:0E:93:B6:E7:1D:4F:4B:C4:B2:83:A1:97:2E:8B:AF:BD:4B",
"X509v3 CRL Distribution Points": "Full Name:\n URI:http://e7.c.lencr.org/19.crl",
"X509v3 Authority Key Identifier": "AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80",
"X509v3 Subject Alternative Name": "DNS:www.nestle.com.my"
},
{
"Cert": "-----BEGIN CERTIFICATE-----\nMIIEVzCCAj+gAwIBAgIRAKp18eYrjwoiCWbTi7/UuqEwDQYJKoZIhvcNAQELBQAw\nTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\ncmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw\nWhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\nRW5jcnlwdDELMAkGA1UEAxMCRTcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARB6AST\nCFh/vjcwDMCgQer+VtqEkz7JANurZxLP+U9TCeioL6sp5Z8VRvRbYk4P1INBmbef\nQHJFHCxcSjKmwtvGBWpl/9ra8HW0QDsUaJW2qOJqceJ0ZVFT3hbUHifBM/2jgfgw\ngfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD\nATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSuSJ7chx1EoG/aouVgdAR4\nwpwAgDAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB\nAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g\nBAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu\nY3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAjx66fDdLk5ywFn3CzA1w1qfylHUD\naEf0QZpXcJseddJGSfbUUOvbNR9N/QQ16K1lXl4VFyhmGXDT5Kdfcr0RvIIVrNxF\nh4lqHtRRCP6RBRstqbZ2zURgqakn/Xip0iaQL0IdfHBZr396FgknniRYFckKORPG\nyM3QKnd66gtMst8I5nkRQlAg/Jb+Gc3egIvuGKWboE1G89NTsN9LTDD3PLj0dUMr\nOIuqVjLB8pEC6yk9enrlrqjXQgkLEYhXzq7dLafv5Vkig6Gl0nuuqjqfp0Q1bi1o\nyVNAlXe6aUXw92CcghC9bNsKEO1+M52YY5+ofIXlS/SEQbvVYYBLZ5yeiglV6t3S\nM6H+vTG0aP9YHzLn/KVOHzGQfXDP7qM5tkf+7diZe7o2fw6O7IvN6fsQXEQQj8TJ\nUXJxv2/uJhcuy/tSDgXwHM8Uk34WNbRT7zGTGkQRX0gsbjAea/jYAoWv0ZvQRwpq\nPe79D/i7Cep8qWnA+7AE/3B3S/3dEEYmc0lpe1366A/6GEgk3ktr9PEoQrLChs6I\ntu3wnNLB2euC8IKGLQFpGtOO/2/hiAKjyajaBP25w1jF0Wl8Bbqne3uZ2q1GyPFJ\nYRmT7/OXpmOH/FVLtwS+8ng1cAmpCujPwteJZNcDG0sF2n/sc0+SQf49fdyUK0ty\n+VUwFj9tmWxyR/M=\n-----END CERTIFICATE-----\n",
"Issuer": "C = US, O = Internet Security Research Group, CN = ISRG Root X1",
"Subject": "C = US, O = Let's Encrypt, CN = E7",
"Version": "2",
"Signature": "8f:1e:ba:7c:37:4b:93:9c:b0:16:7d:c2:cc:0d:70:d6:a7:f2:94:75:03:68:47:f4:41:9a:57:70:9b:1e:75:d2:46:49:f6:d4:50:eb:db:35:1f:4d:fd:04:35:e8:ad:65:5e:5e:15:17:28:66:19:70:d3:e4:a7:5f:72:bd:11:bc:82:15:ac:dc:45:87:89:6a:1e:d4:51:08:fe:91:05:1b:2d:a9:b6:76:cd:44:60:a9:a9:27:fd:78:a9:d2:26:90:2f:42:1d:7c:70:59:af:7f:7a:16:09:27:9e:24:58:15:c9:0a:39:13:c6:c8:cd:d0:2a:77:7a:ea:0b:4c:b2:df:08:e6:79:11:42:50:20:fc:96:fe:19:cd:de:80:8b:ee:18:a5:9b:a0:4d:46:f3:d3:53:b0:df:4b:4c:30:f7:3c:b8:f4:75:43:2b:38:8b:aa:56:32:c1:f2:91:02:eb:29:3d:7a:7a:e5:ae:a8:d7:42:09:0b:11:88:57:ce:ae:dd:2d:a7:ef:e5:59:22:83:a1:a5:d2:7b:ae:aa:3a:9f:a7:44:35:6e:2d:68:c9:53:40:95:77:ba:69:45:f0:f7:60:9c:82:10:bd:6c:db:0a:10:ed:7e:33:9d:98:63:9f:a8:7c:85:e5:4b:f4:84:41:bb:d5:61:80:4b:67:9c:9e:8a:09:55:ea:dd:d2:33:a1:fe:bd:31:b4:68:ff:58:1f:32:e7:fc:a5:4e:1f:31:90:7d:70:cf:ee:a3:39:b6:47:fe:ed:d8:99:7b:ba:36:7f:0e:8e:ec:8b:cd:e9:fb:10:5c:44:10:8f:c4:c9:51:72:71:bf:6f:ee:26:17:2e:cb:fb:52:0e:05:f0:1c:cf:14:93:7e:16:35:b4:53:ef:31:93:1a:44:11:5f:48:2c:6e:30:1e:6b:f8:d8:02:85:af:d1:9b:d0:47:0a:6a:3d:ee:fd:0f:f8:bb:09:ea:7c:a9:69:c0:fb:b0:04:ff:70:77:4b:fd:dd:10:46:26:73:49:69:7b:5d:fa:e8:0f:fa:18:48:24:de:4b:6b:f4:f1:28:42:b2:c2:86:ce:88:b6:ed:f0:9c:d2:c1:d9:eb:82:f0:82:86:2d:01:69:1a:d3:8e:ff:6f:e1:88:02:a3:c9:a8:da:04:fd:b9:c3:58:c5:d1:69:7c:05:ba:a7:7b:7b:99:da:ad:46:c8:f1:49:61:19:93:ef:f3:97:a6:63:87:fc:55:4b:b7:04:be:f2:78:35:70:09:a9:0a:e8:cf:c2:d7:89:64:d7:03:1b:4b:05:da:7f:ec:73:4f:92:41:fe:3d:7d:dc:94:2b:4b:72:f9:55:30:16:3f:6d:99:6c:72:47:f3:",
"Start date": "Mar 13 00:00:00 2024 GMT",
"Expire date": "Mar 12 23:59:59 2027 GMT",
"Serial Number": "aa75f1e62b8f0a220966d38bbfd4baa1",
"X509v3 Key Usage": "Digital Signature, Certificate Sign, CRL Sign",
"Signature Algorithm": "sha256WithRSAEncryption",
"Public Key Algorithm": "id-ecPublicKey",
"X509v3 Basic Constraints": "CA:TRUE, pathlen:0",
"X509v3 Extended Key Usage": "TLS Web Client Authentication, TLS Web Server Authentication",
"X509v3 Certificate Policies": "Policy: 2.23.140.1.2.1",
"Authority Information Access": "CA Issuers - URI:http://x1.i.lencr.org/",
"X509v3 Subject Key Identifier": "AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80",
"X509v3 CRL Distribution Points": "Full Name:\n URI:http://x1.c.lencr.org/",
"X509v3 Authority Key Identifier": "79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E"
}
]
},
"http_code": 403,
"curl_error": null,
"primary_ip": "104.17.82.187",
"total_time_ms": 1919.49,
"connect_time_ms": 5.41,
"response_headers": {
"0": "HTTP/1.1 301 Moved Permanently",
"1": "Content-Type: text/html; charset=UTF-8",
"2": "Connection: keep-alive",
"3": "Date: Fri, 03 Jul 2026 19:48:23 GMT",
"4": "Location: https://www.nestle.com.my",
"5": "Access-Control-Allow-Origin: https://nestle.com.my",
"6": "Access-Control-Allow-Methods: GET, POST",
"8": "HTTP/2 403",
"9": "date: Fri, 03 Jul 2026 19:48:24 GMT",
"10": "content-type: text/html; charset=UTF-8",
"11": "content-length: 40483",
"12": "accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA",
"13": "cf-mitigated: challenge",
"14": "x-frame-options: SAMEORIGIN",
"15": "server: cloudflare",
"16": "critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA",
"17": "cross-origin-embedder-policy: require-corp",
"18": "cross-origin-opener-policy: same-origin",
"19": "cross-origin-resource-policy: same-origin",
"20": "origin-agent-cluster: ?1",
"21": "permissions-policy: accelerometer=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=*",
"22": "referrer-policy: same-origin",
"23": "server-timing: chlray;desc=\"a158685218121a53\"",
"24": "x-content-type-options: nosniff",
"25": "strict-transport-security: max-age=31536000",
"26": "cf-ray: a158685218121a53-KUL"
},
"starttransfer_time_ms": 1919.41
},
"v6_https": {
"http_code": 0,
"curl_error": "OpenSSL/3.0.13: error:0A000410:SSL routines::sslv3 alert handshake failure",
"primary_ip": "2606:4700::6811:51bb",
"total_time_ms": 3.86,
"connect_time_ms": 0.85,
"response_headers": [],
"starttransfer_time_ms": 0
}
}
Connectivity Test Output
{
"tcp_connect_v4_80": "301 0.001558 0.709681",
"tcp_connect_v6_80": "301 0.001185 0.020312",
"tcp_connect_v4_443": "301 0.001316 1.879938",
"tcp_connect_v6_443": "000 0.000823 0.000000"
}
Integrity Details
Algorithm: hmac-sha256-v1
Root Hash: bbdfab9fabfeb643bf592bf5da7fdfee7fbf703165fa559d5c553ed569af9cfc
http_headers: 2c20cd9a14f50425bf4852d741c47e63cc6841b7245252ac4ebf5d48476b5ac1
dns_responses: 111eea71af72696aa8b01dbb47c0ad5602cbb2897064e9e9ad8ab8d0ac6b7b74
tls_handshake: 94f3be18d31b58a7562200d8e492859169ec03d4e2206300d7a5dba57272a8d4
connectivity_log: ed20a9d5176fb3d86cdc42088f29bc1c220cca7ce8e59851216b22de24fa6cc3
dns_resolution_times: 6dba7b29884b889c38bb28acb2f1cb19e4e13e70831c140e7d3fc56b6a8b8ed2