cokeandgo-stg-us.instagng.com Open in urlscan Pro
20.49.104.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cokeandgo-stg-us.instagng.com/
Submission: On June 19 via api (June 19th 2024, 12:42:30 am UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 20.49.104.32, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cokeandgo-stg-us.instagng.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 18th 2023. Valid for: a year.

This is the only time cokeandgo-stg-us.instagng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	20.49.104.32 20.49.104.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:24f... 2600:9000:24f1:e000:1c:d28c:5a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.194.55.176 54.194.55.176	16509 (AMAZON-02) (AMAZON-02)
1	20.168.227.67 20.168.227.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	4

12 20.49.104.32 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cokeandgo-stg-us.instagng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:e000:1c:d28c:5a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

gamma-myaccount.latam.coca-cola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.55.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-55-176.eu-west-1.compute.amazonaws.com

uat.hpp.converge.eu.elavonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.168.227.67 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

portal-stg.instagng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	instagng.com cokeandgo-stg-us.instagng.com portal-stg.instagng.com	2 MB
1	elavonaws.com uat.hpp.converge.eu.elavonaws.com	22 KB
1	coca-cola.com gamma-myaccount.latam.coca-cola.com	64 KB
15	3

	Domain	Requested by
12	cokeandgo-stg-us.instagng.com	cokeandgo-stg-us.instagng.com
1	portal-stg.instagng.com	cokeandgo-stg-us.instagng.com
1	uat.hpp.converge.eu.elavonaws.com	cokeandgo-stg-us.instagng.com
1	gamma-myaccount.latam.coca-cola.com	cokeandgo-stg-us.instagng.com
15	4

This site contains links to these domains. Also see Links.

Domain
us.coca-cola.com

Subject Issuer	Validity	Valid
*.instagng.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-18` - `2024-11-09`	a year	crt.sh
gamma-myaccount.latam.coca-cola.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
nonprod-hpp.converge.eu.elavonaws.com Entrust Certification Authority - L1K	`2024-04-15` - `2025-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cokeandgo-stg-us.instagng.com/
Frame ID: 61FFFF20D6A53F1E445D31065C251286
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coke & Go US | Hurry Form

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1938 kB
Transfer

4859 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://us.coca-cola.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://us.coca-cola.com/terms-of-use
Title: terms of use and sale

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cokeandgo-stg-us.instagng.com/ 2 KB
3 KB 429ms
83ms Document
text/html 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8e4d2fde62b32f4a408d088f8c02a80e45fe96696a4a1356a510bdfed217c427

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1443
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Content-Type: text/html
Date: Wed, 19 Jun 2024 00:42:24 GMT
ETag: "be1aa54c9bbda1:0"
Last-Modified: Tue, 11 Jun 2024 06:33:54 GMT
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

GET
H2 200 tcccLogin.js Show response
gamma-myaccount.latam.coca-cola.com/sdk/latest/ 312 KB
64 KB 570ms
157ms Script
application/javascript 2600:9000:24f1:e000:1c:d28c:5a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gamma-myaccount.latam.coca-cola.com/sdk/latest/tcccLogin.js

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f1:e000:1c:d28c:5a00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ef1f248984b7fa61869ec9706647160d277732a090464ffaf2c35e3ee763c876

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: mediastream: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; font-src https: data: 'self' 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' gamma-login.latam.coca-cola.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:03:56 GMT
content-encoding: br
via: 1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: blob: mediastream: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; font-src https: data: 'self' 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' gamma-login.latam.coca-cola.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
age: 239909
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Nov 2023 20:24:25 GMT
server: CloudFront
etag: W/"b180e5e78c61efa360810d717f44eae9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
x-ttl-custom: ttl=null
x-amz-cf-id: Q0bMkON5eHRbAoILTNzPNU4E52a2znCoS3tfHs1pXAZkF-YF_Aa3yg==
expires: Tue, 17 Sep 2024 00:42:24 GMT

GET
H/1.1 200
OK 2.101fd9f2.chunk.css
cokeandgo-stg-us.instagng.com/static/css/ 563 KB
113 KB 288ms
287ms Stylesheet
text/css 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/css/2.101fd9f2.chunk.css

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f655743eb4eb3af610bf1365f9ea933913a27b548f4afe34ff927224ce384dea

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 11 Jun 2024 06:34:02 GMT
Server: Microsoft-IIS/10.0
ETag: "8d2da659c9bbda1:0"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: text/css
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes

GET
H/1.1 200
OK main.9b4509ce.chunk.css
cokeandgo-stg-us.instagng.com/static/css/ 226 KB
67 KB 358ms
179ms Stylesheet
text/css 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

38735040857bafcdcad987cd2e45e3db8d1777074120740237d38f33aa9d9a4c

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 11 Jun 2024 06:34:07 GMT
Server: Microsoft-IIS/10.0
ETag: "10da465cc9bbda1:0"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: text/css
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes

GET
H/1.1 200
OK 2.31c9643d.chunk.js Show response
cokeandgo-stg-us.instagng.com/static/js/ 2 MB
849 KB 681ms
502ms Script
application/x-javascript 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/js/2.31c9643d.chunk.js

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6c9f06639c66050c4a6ecff03b61bafc013013a79b9a6bd7ac04148c60590f2a

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 11 Jun 2024 06:34:13 GMT
Server: Microsoft-IIS/10.0
ETag: "9529fc5fc9bbda1:0"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/x-javascript
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes

GET
H/1.1 200
OK main.b965b774.chunk.js Show response
cokeandgo-stg-us.instagng.com/static/js/ 1 MB
566 KB 723ms
545ms Script
application/x-javascript 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/js/main.b965b774.chunk.js

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

71cf970b4a937695f52a368dd5a5961f02643256482c6455872dcce3d252c119

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 11 Jun 2024 06:34:22 GMT
Server: Microsoft-IIS/10.0
ETag: "ced23f65c9bbda1:0"
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: application/x-javascript
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes

GET
H2 200 library.js Show response
uat.hpp.converge.eu.elavonaws.com/client/ 60 KB
22 KB 739ms
294ms Script
application/javascript 54.194.55.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.hpp.converge.eu.elavonaws.com/client/library.js

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.55.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-55-176.eu-west-1.compute.amazonaws.com

Software

Resource Hash

32f7d0b2bc49ea87f4176e2d2248d5d08bdb5d4467b4a5afadec4177f964f884

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://pay.google.com/gp/p/js/pay.js https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js; script-src-elem 'self' 'unsafe-inline' https://pay.google.com/gp/p/js/pay.js https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js; connect-src 'self' data: https://.mixpanel.com https://.eu.elavonaws.com https://.eu.nonprod.elavonaws.com https://.fraud.elavon.com; img-src * data:; manifest-src 'self'; font-src data:; frame-src https:; frame-ancestors 'none'; report-uri /reports/csp
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 00:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://pay.google.com/gp/p/js/pay.js https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js; script-src-elem 'self' 'unsafe-inline' https://pay.google.com/gp/p/js/pay.js https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js; connect-src 'self' data: https://*.mixpanel.com https://*.eu.elavonaws.com https://*.eu.nonprod.elavonaws.com https://*.fraud.elavon.com; img-src * data:; manifest-src 'self'; font-src data:; frame-src https:; frame-ancestors 'none'; report-uri /reports/csp
last-modified: Tue, 21 May 2024 20:40:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 404
Not Found CheckOnline.html
portal-stg.instagng.com/ 0
0 287ms
72ms Fetch 20.168.227.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal-stg.instagng.com/CheckOnline.html

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/js/main.b965b774.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.168.227.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0

GET
H/1.1 404
Not Found 2def107af3e4eeb88b5ca50c3320ae0a.8ead1fdb.woff2
cokeandgo-stg-us.instagng.com/static/media/ 0
0 181ms
180ms Font
text/html 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/2def107af3e4eeb88b5ca50c3320ae0a.8ead1fdb.woff2

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/html
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Content-Length: 103
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found 7d3930158276067e79e7e9b281b78976.f1d8c92f.woff2
cokeandgo-stg-us.instagng.com/static/media/ 0
0 172ms
172ms Font
text/html 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/7d3930158276067e79e7e9b281b78976.f1d8c92f.woff2

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/html
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Content-Length: 103
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found 7d3930158276067e79e7e9b281b78976.566eb262.woff
cokeandgo-stg-us.instagng.com/static/media/ 0
0 122ms
121ms Font
text/html 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/7d3930158276067e79e7e9b281b78976.566eb262.woff

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/html
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Content-Length: 103
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found 2def107af3e4eeb88b5ca50c3320ae0a.b0f76b0b.woff
cokeandgo-stg-us.instagng.com/static/media/ 0
0 113ms
113ms Font
text/html 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/2def107af3e4eeb88b5ca50c3320ae0a.b0f76b0b.woff

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/html
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Content-Length: 103
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2def107af3e4eeb88b5ca50c3320ae0a.2def107a.ttf
cokeandgo-stg-us.instagng.com/static/media/ 124 KB
125 KB 114ms
114ms Font
application/octet-stream 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/2def107af3e4eeb88b5ca50c3320ae0a.2def107a.ttf

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ef55d6ae96c7878c53ee3331e583b7d37d4c26dadc629ae2a8c3a39e17313418

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified: Tue, 11 Jun 2024 06:34:27 GMT
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
ETag: "2a592368c9bbda1:0"
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/octet-stream
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 127264
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 7d3930158276067e79e7e9b281b78976.7d393015.ttf
cokeandgo-stg-us.instagng.com/static/media/ 124 KB
125 KB 94ms
94ms Font
application/octet-stream 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/static/media/7d3930158276067e79e7e9b281b78976.7d393015.ttf

Requested by

Host: cokeandgo-stg-us.instagng.com
URL: https://cokeandgo-stg-us.instagng.com/static/css/main.9b4509ce.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

536aed2374eae8ada57d5f4f5b971ae15c4e44dbeddee9b99d07c521375852fb

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Origin: https://cokeandgo-stg-us.instagng.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified: Tue, 11 Jun 2024 06:34:33 GMT
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
ETag: "196386cc9bbda1:0"
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/octet-stream
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 127192
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cokelogo.ico
cokeandgo-stg-us.instagng.com/ 3 KB
4 KB 88ms
87ms Other
image/x-icon 20.49.104.32
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cokeandgo-stg-us.instagng.com/cokelogo.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.49.104.32 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8f82f019e22266b38c8e29d569f5c8a4e20c793b0161ab109fcc11ae96c760e5

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cokeandgo-stg-us.instagng.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:42:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified: Tue, 11 Jun 2024 06:33:59 GMT
Server: Microsoft-IIS/10.0
Referrer-Policy: strict-origin
ETag: "fc719257c9bbda1:0"
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: image/x-icon
Permissions-Policy: accelerometer=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 2834
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cokeandgo-stg-us.instagng.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 59ae157c8822bc0198facf346c4a76e8693a8274955d1b2ced7f11491aec46d5
			.cokeandgo-stg-us.instagng.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 59ae157c8822bc0198facf346c4a76e8693a8274955d1b2ced7f11491aec46d5

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cokeandgo-stg-us.instagng.com/static/media/7d3930158276067e79e7e9b281b78976.f1d8c92f.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cokeandgo-stg-us.instagng.com/static/media/2def107af3e4eeb88b5ca50c3320ae0a.8ead1fdb.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://portal-stg.instagng.com/CheckOnline.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cokeandgo-stg-us.instagng.com/static/media/2def107af3e4eeb88b5ca50c3320ae0a.b0f76b0b.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cokeandgo-stg-us.instagng.com/static/media/7d3930158276067e79e7e9b281b78976.566eb262.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cokeandgo-stg-us.instagng.com
gamma-myaccount.latam.coca-cola.com
portal-stg.instagng.com
uat.hpp.converge.eu.elavonaws.com
20.168.227.67
20.49.104.32
2600:9000:24f1:e000:1c:d28c:5a00:93a1
54.194.55.176
32f7d0b2bc49ea87f4176e2d2248d5d08bdb5d4467b4a5afadec4177f964f884
38735040857bafcdcad987cd2e45e3db8d1777074120740237d38f33aa9d9a4c
536aed2374eae8ada57d5f4f5b971ae15c4e44dbeddee9b99d07c521375852fb
6c9f06639c66050c4a6ecff03b61bafc013013a79b9a6bd7ac04148c60590f2a
71cf970b4a937695f52a368dd5a5961f02643256482c6455872dcce3d252c119
8e4d2fde62b32f4a408d088f8c02a80e45fe96696a4a1356a510bdfed217c427
8f82f019e22266b38c8e29d569f5c8a4e20c793b0161ab109fcc11ae96c760e5
ef1f248984b7fa61869ec9706647160d277732a090464ffaf2c35e3ee763c876
ef55d6ae96c7878c53ee3331e583b7d37d4c26dadc629ae2a8c3a39e17313418
f655743eb4eb3af610bf1365f9ea933913a27b548f4afe34ff927224ce384dea

cokeandgo-stg-us.instagng.com Open in urlscan Pro 20.49.104.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

1938 kBTransfer

4859 kBSize

2 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

5 Console Messages

Security Headers

Indicators

cokeandgo-stg-us.instagng.com Open in urlscan Pro
20.49.104.32 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1938 kB
Transfer

4859 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions