urlscan.io logo urlscan.io
SecurityTrails logo

heinekenbrasil.pertinhodemim.com Open in urlscan Pro
13.224.189.89  Public Scan

Go To Rescan Add Verdict Report
URL: https://heinekenbrasil.pertinhodemim.com/
Submission Tags: phishing
Submission: On March 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 26 HTTP transactions. The main IP is 13.224.189.89, located in United States and belongs to AMAZON-02, US. The main domain is heinekenbrasil.pertinhodemim.com.
TLS certificate: Issued by Amazon on October 7th 2022. Valid for: a year.
This is the only time heinekenbrasil.pertinhodemim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.224.189.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-89.fra2.r.cloudfront.net
heinekenbrasil.pertinhodemim.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.224.189.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-3.fra2.r.cloudfront.net
www2.pertinhodemim.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    13.225.78.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-74.fra2.r.cloudfront.net
tdn.r42tag.com
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    16.12.0.34 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1-r-w.amazonaws.com
gofind-languages.s3-sa-east-1.amazonaws.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    13.225.78.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-122.fra2.r.cloudfront.net
t.svtrd.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    52.208.205.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-205-244.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    191.232.216.52 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
heibr1digitalconnacc.blob.core.windows.net
1    2600:9000:20eb:c600:17:6805:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.pertinhodemim.com
Apex Domain
Subdomains		 Transfer
4 svtrd.com
t.svtrd.com — Cisco Umbrella Rank: 29206
2 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
135 KB
3 pertinhodemim.com
heinekenbrasil.pertinhodemim.com
www2.pertinhodemim.com
images.pertinhodemim.com
674 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
88 KB
2 r42tag.com
tdn.r42tag.com — Cisco Umbrella Rank: 32018
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 windows.net
heibr1digitalconnacc.blob.core.windows.net
68 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6149
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
185 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 585
321 B
1 amazonaws.com
gofind-languages.s3-sa-east-1.amazonaws.com
76 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 901
44 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1275
42 KB
26 16
Domain Requested by
4 t.svtrd.com 2 redirects heinekenbrasil.pertinhodemim.com
3 www.google-analytics.com www.googletagmanager.com
www2.pertinhodemim.com
heinekenbrasil.pertinhodemim.com
3 www.googletagmanager.com heinekenbrasil.pertinhodemim.com
www.googletagmanager.com
2 cm.g.doubleclick.net 2 redirects
2 connect.facebook.net heinekenbrasil.pertinhodemim.com
connect.facebook.net
2 tdn.r42tag.com heinekenbrasil.pertinhodemim.com
tdn.r42tag.com
2 fonts.googleapis.com heinekenbrasil.pertinhodemim.com
www2.pertinhodemim.com
1 images.pertinhodemim.com
1 heibr1digitalconnacc.blob.core.windows.net
1 www.google.de heinekenbrasil.pertinhodemim.com
1 www.google.com heinekenbrasil.pertinhodemim.com
1 www.facebook.com heinekenbrasil.pertinhodemim.com
1 beacon.krxd.net heinekenbrasil.pertinhodemim.com
1 stats.g.doubleclick.net www2.pertinhodemim.com
1 gofind-languages.s3-sa-east-1.amazonaws.com www2.pertinhodemim.com
1 www.googleoptimize.com heinekenbrasil.pertinhodemim.com
1 www2.pertinhodemim.com heinekenbrasil.pertinhodemim.com
1 polyfill.io heinekenbrasil.pertinhodemim.com
1 heinekenbrasil.pertinhodemim.com
26 19

This site contains links to these domains. Also see Links.

Domain
www.gofind.online
Subject Issuer Validity Valid
*.pertinhodemim.com
Amazon		 2022-10-07 -
2023-11-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tdn.r42tag.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-11-22		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-08		 2 months crt.sh
*.s3-sa-east-1.amazonaws.com
Amazon		 2022-09-21 -
2023-09-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
t.svtrd.com
Amazon RSA 2048 M02		 2023-02-17 -
2023-11-22		 9 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2023-01-26 -
2024-01-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://heinekenbrasil.pertinhodemim.com/
Frame ID: 2FA094162AB877BB539F3F1050F759B9
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Onde encontrar Heineken

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

26
Requests

92 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

19
IPs

5
Countries

1164 kB
Transfer

3567 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://t.svtrd.com/s-1389?i=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&partnerId=7&secure=true&cb=1677678291856 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=relay42_dmp&google_cm&google_sc&ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=relay42_dmp&google_cm=&google_sc=&ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_tc= HTTP 302
  • https://t.svtrd.com/syncResponse?ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_gid=CAESENsP-66y51NpkhH7mbYd9x8&google_cver=1
Request Chain 19
  • https://t.svtrd.com/s-1389?i=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&partnerId=20&secure=true&cb=1677678291863 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=Relay42&partner_uid=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heinekenbrasil.pertinhodemim.com/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-89.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
ff2f3866cfeea07f8673a00b4a99601d30ba470770e719748cd00971c19ce8b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public,max-age=0,no-cache,no-store,must-revalidate
content-encoding
gzip
content-length
3085
content-type
text/html; charset=utf-8
date
Wed, 01 Mar 2023 13:44:51 GMT
etag
W/"1feb-XXpuD6YVqzTsJtR9xhBeeuGABZk"
vary
Accept-Encoding
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront), 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-apigw-id
BGqA9FS3mjQFmTA=
x-amz-cf-id
LO03pUFaMN-BbFLAiHQFhQwyHQ61l_QzRRt9IQmcA76KeQEOrjQtQA==
x-amz-cf-pop
FRA56-P6 FRA2-C1
x-amzn-requestid
a9a6616d-84f0-443a-85ad-d958e79df837
x-amzn-trace-id
Root=1-63ff56d2-509eecf61396c7bc3cf23d74;Sampled=0
x-cache
Miss from cloudfront
x-powered-by
Express
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ac0d5a5ba326905648fb53a34951343a3764efaaf7375c1908b3c1c63185121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38421
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Mar 2023 13:44:51 GMT
polyfill.min.js
polyfill.io/v3/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default%2Ces2017%2Ces2015
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d9a06eccea38c42bb2a307cfa94da91a355345a102a1c276a045eb50a39bb7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 13:44:51 GMT
age
610177
detected-user-agent
FacebookBot/1.1.
useragent_normaliser
other/0.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42732
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
other/0.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		812 B
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82323ec26c8b88d2b666bb41dba70668afa283bd23452d619ef6d7228be0c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 01 Mar 2023 13:44:51 GMT
main.107d3d69a5eceb613f72.js
www2.pertinhodemim.com/build/js/ 		2 MB
664 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.pertinhodemim.com/build/js/main.107d3d69a5eceb613f72.js
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-3.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83f9834e1adf268084722ac83e74504a9e8ee405514fbcad93f448ad7e2fe28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 27 Feb 2023 20:29:23 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 20:02:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
148529
etag
W/"28e55fa807e4e990d280ca6e19820b1f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
tYZXR4qphiEmphFheaB4NF9Ti8hWrq42Kquw2ySkFDU-WnHVcJFplQ==
optimize.js
www.googleoptimize.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-TNWSQJ3
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
deba53bf035b664afda505b9b1961d7d9297ddbb0919ce8231ea618a83166e20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44822
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Mar 2023 13:44:51 GMT
gtm.js
www.googletagmanager.com/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M2PTX3J
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f65881b18543632524030e2ed6d9babb26807ecb813f6ec90f6ae659b06b8bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54470
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Mar 2023 13:44:51 GMT
js
www.googletagmanager.com/gtag/ 		111 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-69739739-10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd40e8f28539c31c3477d7e6fdca3fe2592dd301a8eda4ab2354a50f1b3fc679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44584
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Mar 2023 13:44:51 GMT
1389-v1.js
tdn.r42tag.com/lib/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/lib/1389-v1.js
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b939fbefb37335a7cacf4c29897a6a48b1978373381cf8fcda5157c5fa6a1ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id
QRvklfFF9r_X31XqW02153pUWSsPnNYm
content-encoding
gzip
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 13:44:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
12657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Aug 2020 14:58:26 GMT
server
AmazonS3
etag
W/"8569a628e0af62884457e20d8e425647"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=UTF-8
cache-control
max-age=14400, public
x-amz-cf-id
anEB6hna3PDpsddt6yGUiToRXcktE38Arq8sgwY2KQXZgPtz8ZHXzw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2PTX3J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 13:14:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1845
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 01 Mar 2023 15:14:06 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
image/webp
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f14902d723de71d3c4a955cd5175e60a045391bb5ead10dbcab62b816f15743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 13:44:51 GMT
content-md5
M34LbTSZ+nedjeRa/Dk83g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
VS76RzPdBsDg8/1EmGPCDCr98bqYLGhYnt9gQSbCkxutXypsPglTWiVH8UBUUa52vDSZ+BnqYWIM42yp1z6+dw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
x-fb-content-md5
416019801f5e440f1929d19f4d0e65e7
cross-origin-opener-policy
same-origin-allow-popups
etag
"9a054eb088fa4e28a4b102acd086c034"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Mar 2023 14:03:25 GMT
prod
tdn.r42tag.com/tags-1389/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/tags-1389/prod?s=craftclub.pertinhodemim.com&p=reset%3A1&p=HBR_url%3Ahttps%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&p=HBR_timeStamp%3A1677678291563&u=https%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&r=&cb=1677678291801
Requested by
Host: tdn.r42tag.com
URL: https://tdn.r42tag.com/lib/1389-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-74.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
fe9f8df809169a40ab72205412eeaa2fc3697536e42e6fa3a589719dca38fbd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-backend
tdn-8ff6d880
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
pragma
no-cache
referrer-policy
no-referrer
server
nginx
vary
Origin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0
x-amz-cf-id
W5YiT9TFabIvhF3sqFvG3QeNMRFbuZ6Blfl_410n4Hmt82zyfF1KHw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1372011425&t=pageview&_s=1&dl=https%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&ul=en-us&de=UTF-8&dt=Onde%20encontrar%20Heineken&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAIC~&jid=191934028&gjid=1152529980&cid=2142438201.1677678292&tid=UA-69739739-10&_gid=2127493967.1677678292&_r=1&gtm=457e32r0&z=386776337
Requested by
Host: www2.pertinhodemim.com
URL: https://www2.pertinhodemim.com/build/js/main.107d3d69a5eceb613f72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heinekenbrasil.pertinhodemim.com/
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 13:44:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heinekenbrasil.pertinhodemim.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pt-BR.json
gofind-languages.s3-sa-east-1.amazonaws.com/ 		75 KB
76 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofind-languages.s3-sa-east-1.amazonaws.com/pt-BR.json
Requested by
Host: www2.pertinhodemim.com
URL: https://www2.pertinhodemim.com/build/js/main.107d3d69a5eceb613f72.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.34 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5842affa56843cac34f1934aa1516f23f1ce6ae77b2b9c1e90c156a10815ca3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Wed, 01 Mar 2023 13:44:53 GMT
Last-Modified
Thu, 23 Feb 2023 14:34:50 GMT
Server
AmazonS3
x-amz-request-id
WJT95Y38A0JW19G9
ETag
"cb8fbd5cd360c342d0d119ae0e20e560"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
76802
x-amz-id-2
/nkVtQMZoKuV41poi0qHTn7A0qsMovLwEm3B92PgobNk8PGkqQoAteZIH3LC9vtOJwBO95tmHZo=
css2
fonts.googleapis.com/ 		3 KB
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Alegreya:wght@400;500;700&family=PT+Sans:wght@400;700&family=Roboto:wght@300;400;500;700&display=swap&family=Roboto+Condensed:wght@300;400;700&family=STIX+Two+Text:wght@400;500;700&display=swap
Requested by
Host: www2.pertinhodemim.com
URL: https://www2.pertinhodemim.com/build/js/main.107d3d69a5eceb613f72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d492359759629fcb5b7146246ec8096336f8a065e0d86a1a5c4fc57cc323202b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 01 Mar 2023 13:44:51 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1372011425&t=event&ni=1&_s=2&dl=https%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&ul=en-us&de=UTF-8&dt=Onde%20encontrar%20Heineken&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=APP_PAGEVIEW&el=Heineken&_u=aEDAAUABAAAAACAAIC~&jid=&gjid=&cid=2142438201.1677678292&tid=UA-69739739-10&_gid=2127493967.1677678292&gtm=457e32r0&z=742976801
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 14:14:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84635
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69739739-10&cid=2142438201.1677678292&jid=191934028&gjid=1152529980&_gid=2127493967.1677678292&_u=YEDAAUAAAAAAACAAIC~&z=834708220
Requested by
Host: www2.pertinhodemim.com
URL: https://www2.pertinhodemim.com/build/js/main.107d3d69a5eceb613f72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heinekenbrasil.pertinhodemim.com/
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 01 Mar 2023 13:44:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heinekenbrasil.pertinhodemim.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c1b4e21fd93569bb59695aea30cbd08a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c932a4c5c3ae0022812a6f78610ca90aaba4734a008133af4f239fc17cb961f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://heinekenbrasil.pertinhodemim.com/
Origin
https://heinekenbrasil.pertinhodemim.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 13:44:51 GMT
content-md5
acOMZahpCRCF+u0KPVsidQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87057
x-fb-rlafr
0
x-fb-debug
Q8ycJjeWadeXSa8GPgeyQhtFgsW04jRIfO3Yl/GehrsHyZtgUF4A7ywghi8CcHa6tOk4nRsX0ivbqcXw+zq/pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
82d1ceef8bdbe954ca52e842ae6db226
cross-origin-opener-policy
same-origin-allow-popups
etag
"ee631414eede75ec574626005f9bf23c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Feb 2024 12:05:28 GMT
syncResponse
t.svtrd.com/
Redirect Chain
  • https://t.svtrd.com/s-1389?i=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&partnerId=7&secure=true&cb=1677678291856
  • https://cm.g.doubleclick.net/pixel?google_nid=relay42_dmp&google_cm&google_sc&ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid
  • https://cm.g.doubleclick.net/pixel?google_nid=relay42_dmp&google_cm=&google_sc=&ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_tc=
  • https://t.svtrd.com/syncResponse?ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_gid=CAESENsP-66y51NpkhH7mbYd9x8&google_cver=1
35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.svtrd.com/syncResponse?ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_gid=CAESENsP-66y51NpkhH7mbYd9x8&google_cver=1
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Server
13.225.78.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-122.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:52 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Mar 2023 13:44:52 UTC
server
nginx
x-backend
tracker-83dcd481
x-amz-cf-pop
FRA2-C2
allow
GET, POST, HEAD
x-cache
Miss from cloudfront
p3p
CP="NOI COR NID PSA OUR IND NAV STA"
content-type
image/gif
cache-control
private, no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
35
x-amz-cf-id
jUppFQx4tbo8o9aZRgnTBBqO8YqPQgQIaUvJtC7KG-3z28cX_R3wqQ==

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 13:44:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://t.svtrd.com/syncResponse?ca_site=1389&ca_partner=7&ca_cookie=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&ca_read=google_gid&google_gid=CAESENsP-66y51NpkhH7mbYd9x8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://t.svtrd.com/s-1389?i=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&partnerId=20&secure=true&cb=1677678291863
  • https://beacon.krxd.net/usermatch.gif?partner=Relay42&partner_uid=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=Relay42&partner_uid=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Server
52.208.205.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-205-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Wed, 01 Mar 2023 13:44:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=58 t=1677678292
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 01 Mar 2023 13:44:51 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Mar 2023 13:44:51 UTC
server
nginx
x-backend
tracker-8a685aec
x-amz-cf-pop
FRA2-C2
allow
GET, POST, HEAD
x-cache
Miss from cloudfront
p3p
CP="NOI COR NID PSA OUR IND NAV STA"
location
https://beacon.krxd.net/usermatch.gif?partner=Relay42&partner_uid=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e
cache-control
private, no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
VP6yTCkrK2x6_U50Eg_yS_moQSRZqOhW2SWb66LeT-98osc8tlKpeQ==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1329069167189563&ev=fb_page_view&dl=https%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&rl=&if=false&ts=1677678291920&sw=1600&sh=1200&at=
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Mar 2023 13:44:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69739739-10&cid=2142438201.1677678292&jid=191934028&_u=YEDAAUAAAAAAACAAIC~&z=1059132564
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 13:44:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69739739-10&cid=2142438201.1677678292&jid=191934028&_u=YEDAAUAAAAAAACAAIC~&z=1059132564
Requested by
Host: heinekenbrasil.pertinhodemim.com
URL: https://heinekenbrasil.pertinhodemim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 13:44:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t-1389
t.svtrd.com/ 		35 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.svtrd.com/t-1389?i=4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e&e=true&et=HBR_pageView&cup=url%3Ahttps%3A%2F%2Fheinekenbrasil.pertinhodemim.com%2F&cup=userAgent%3Aia_archiver%20(%2Bhttp%3A%2F%2Fwww.alexa.com%2Fsite%2Fhelp%2Fwebmasters%3B%20crawler%40alexa.com)&cup=timestamp%3A1677678292262&cup=HBR_timeStamp%3A&cup=HBR_url%3A&cb=1677678292264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-122.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Wed, 01 Mar 2023 13:44:52 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Mar 2023 13:44:52 UTC
server
nginx
x-backend
tracker-ea26c0ac
x-amz-cf-pop
FRA2-C2
allow
GET, POST, HEAD
x-cache
Miss from cloudfront
p3p
CP="NOI COR NID PSA OUR IND NAV STA"
content-type
image/gif
cache-control
private, no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
35
x-amz-cf-id
xfbmNZ6s5o_Gsq_D5d5eKjJM7GIDrSRTa_2Az2lSjfSwbh6-Y5hwqQ==
HEINEKENCore.woff2
heibr1digitalconnacc.blob.core.windows.net/fonts/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heibr1digitalconnacc.blob.core.windows.net/fonts/HEINEKENCore.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.232.216.52 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
87b77ab452174d48c48b0965b150bb5c30d56408366667e8ade52da246d1114d

Request headers

Referer
https://heinekenbrasil.pertinhodemim.com/
Origin
https://heinekenbrasil.pertinhodemim.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 01 Mar 2023 13:44:53 GMT
Last-Modified
Tue, 18 Oct 2022 18:42:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
jx0XZciW5qsRn/PcjIRHDw==
ETag
0x8DAB13883EF693E
Vary
Origin
Content-Type
font/woff2
Access-Control-Allow-Origin
https://heinekenbrasil.pertinhodemim.com
x-ms-request-id
77e3722a-601e-0050-1d44-4c57f8000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
68932
heinekenbrasil.png
images.pertinhodemim.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pertinhodemim.com/heinekenbrasil.png?time=1624560441108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c600:17:6805:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4337e7bc92bf7058b2b19d7e3c84ac1538d9110615894041b204ad50c6cad48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heinekenbrasil.pertinhodemim.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 28 Feb 2023 23:35:47 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 18:47:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
50947
etag
"d61c85b668f882ea774a2d46c989ec99"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png; charset=utf-8
accept-ranges
bytes
content-length
6939
x-amz-cf-id
nMt8Sti69lPSWCpHBlgiu82YoE7Rg7-marlPlIzppc3L6yqmodxfyQ==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| gtagId function| gtag object| dataLayer object| appData object| google_tag_manager object| google_tag_data function| _st string| GoogleAnalyticsObject function| ga object| webpackJsonp number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ function| changeAppData function| setImmediate function| clearImmediate function| gofind function| fbAsyncInit object| google_optimize object| _stq object| _stTracker object| gaplugins object| gaGlobal object| gaData object| FB object| __buffer object| theme

6 Cookies

Domain/Path Name / Value
.pertinhodemim.com/ Name: _ga
Value: GA1.2.2142438201.1677678292
.pertinhodemim.com/ Name: _gid
Value: GA1.2.2127493967.1677678292
.pertinhodemim.com/ Name: _gat_gtag_UA_69739739_10
Value: 1
.pertinhodemim.com/ Name: _svtri
Value: 4d2ddcd1-d9a1-40a7-b8e2-c678c4b46d5e
.pertinhodemim.com/ Name: _svs
Value: %7B%22p%22%3A%7B%227%22%3A1677678291856%2C%2220%22%3A1677678291863%7D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUld-rU7W6VIp2Hn82jJc3nh5LgyUrY80XM7gadnl7eM_7M3Qd6ezRbOhad8vNA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
gofind-languages.s3-sa-east-1.amazonaws.com
heibr1digitalconnacc.blob.core.windows.net
heinekenbrasil.pertinhodemim.com
images.pertinhodemim.com
polyfill.io
stats.g.doubleclick.net
t.svtrd.com
tdn.r42tag.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www2.pertinhodemim.com
13.224.189.3
13.224.189.89
13.225.78.122
13.225.78.74
142.250.186.34
16.12.0.34
191.232.216.52
2001:4860:4802:34::178
2600:9000:20eb:c600:17:6805:26c0:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::282
52.208.205.244
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
3f14902d723de71d3c4a955cd5175e60a045391bb5ead10dbcab62b816f15743
5842affa56843cac34f1934aa1516f23f1ce6ae77b2b9c1e90c156a10815ca3f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
82323ec26c8b88d2b666bb41dba70668afa283bd23452d619ef6d7228be0c8b4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f9834e1adf268084722ac83e74504a9e8ee405514fbcad93f448ad7e2fe28f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b77ab452174d48c48b0965b150bb5c30d56408366667e8ade52da246d1114d
8c932a4c5c3ae0022812a6f78610ca90aaba4734a008133af4f239fc17cb961f
9ac0d5a5ba326905648fb53a34951343a3764efaaf7375c1908b3c1c63185121
9d9a06eccea38c42bb2a307cfa94da91a355345a102a1c276a045eb50a39bb7b
b939fbefb37335a7cacf4c29897a6a48b1978373381cf8fcda5157c5fa6a1ed1
cd40e8f28539c31c3477d7e6fdca3fe2592dd301a8eda4ab2354a50f1b3fc679
d492359759629fcb5b7146246ec8096336f8a065e0d86a1a5c4fc57cc323202b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deba53bf035b664afda505b9b1961d7d9297ddbb0919ce8231ea618a83166e20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4337e7bc92bf7058b2b19d7e3c84ac1538d9110615894041b204ad50c6cad48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65881b18543632524030e2ed6d9babb26807ecb813f6ec90f6ae659b06b8bce
fe9f8df809169a40ab72205412eeaa2fc3697536e42e6fa3a589719dca38fbd1
ff2f3866cfeea07f8673a00b4a99601d30ba470770e719748cd00971c19ce8b7