urlscan.io logo urlscan.io
SecurityTrails logo

www2.heineken.com Open in urlscan Pro
23.213.161.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heineken.nl/
Effective URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Submission: On September 22 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 20 HTTP transactions. The main IP is 23.213.161.132, located in United States and belongs to AKAMAI-ASN1, EU. The main domain is www2.heineken.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on September 10th 2020. Valid for: a year.
This is the only time www2.heineken.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.144.119.146 8075 (MICROSOFT...)
2 2 52.233.155.168 8075 (MICROSOFT...)
1 1 2.20.189.146 20940 (AKAMAI-ASN1)
2 15 23.213.161.132 20940 (AKAMAI-ASN1)
5 18.197.253.20 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 4
1    51.144.119.146 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: prd-hnl-s-zks6.westeurope.cloudapp.azure.com
heineken.nl
2    52.233.155.168 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.heineken.nl
1    2.20.189.146 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-20-189-146.deploy.static.akamaitechnologies.com
www.heineken.com
15    23.213.161.132 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-213-161-132.deploy.static.akamaitechnologies.com
www2.heineken.com
5    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Domain Requested by
15 www2.heineken.com 2 redirects www2.heineken.com
5 nexus.ensighten.com www2.heineken.com
nexus.ensighten.com
2 www.heineken.nl 2 redirects
1 www.googletagmanager.com nexus.ensighten.com
1 www.google-analytics.com www2.heineken.com
1 www.heineken.com 1 redirects
1 heineken.nl 1 redirects
20 7

This site contains links to these domains. Also see Links.

Domain
www.theheinekencompany.com
Subject Issuer Validity Valid
san.heineken.com
Trusted Secure Certificate Authority 5		 2020-09-10 -
2021-07-29		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www2.heineken.com/agegateway?returnurl=%2fnl
Frame ID: 5BA5496ACED18DCF2DE25DB6E7D29A2A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heineken.nl/ HTTP 301
    http://www.heineken.nl/ HTTP 301
    https://www.heineken.nl/ HTTP 301
    http://www.heineken.com/nl HTTP 301
    https://www2.heineken.com/nl HTTP 302
    https://www2.heineken.com/agegateway?returnurl=%2fnl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

20
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

4
IPs

4
Countries

597 kB
Transfer

1210 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heineken.nl/ HTTP 301
    http://www.heineken.nl/ HTTP 301
    https://www.heineken.nl/ HTTP 301
    http://www.heineken.com/nl HTTP 301
    https://www2.heineken.com/nl HTTP 302
    https://www2.heineken.com/agegateway?returnurl=%2fnl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www2.heineken.com/layouts/system/VisitorIdentification.js HTTP 301
  • https://www2.heineken.com/layouts/system/visitoridentification.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request agegateway
www2.heineken.com/
Redirect Chain
  • http://heineken.nl/
  • http://www.heineken.nl/
  • https://www.heineken.nl/
  • http://www.heineken.com/nl
  • https://www2.heineken.com/nl
  • https://www2.heineken.com/agegateway?returnurl=%2fnl
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
33f1d913942274a7c773a304de0eaec937c1a811a1deee03b98aaa061a616732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN DENY

Request headers

:method
GET
:authority
www2.heineken.com
:scheme
https
:path
/agegateway?returnurl=%2fnl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/8.5
page-template
agegateway-page
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN DENY
x-server
HCOM W1
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 22 Sep 2020 19:14:11 GMT
content-length
6415
set-cookie
ASP.NET_SessionId=4kzjdfvjaiwf10zedtw0q2ve; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=566116a1cc4b4be58b43c5ac5a4663f6|False; expires=Sun, 22-Sep-2030 19:14:11 GMT; path=/; secure; HttpOnly cc_consent=true; expires=Sun, 27-Sep-2020 19:14:11 GMT; path=/; secure

Redirect headers

status
302
content-type
text/html; charset=utf-8
location
/agegateway?returnurl=%2fnl
server
Microsoft-IIS/8.5
page-template
home-page
x-frame-options
SAMEORIGIN DENY
x-server
HCOM W1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
144
date
Tue, 22 Sep 2020 19:14:11 GMT
Bootstrap.js
nexus.ensighten.com/heineken/heineken-prd/ 		577 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/heineken/heineken-prd/Bootstrap.js
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
84383e20d026a235c3227656e5e4fe17bac32ff9d701195438d0bd6d3ce35d66

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 19:14:11 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 06:55:26 GMT
server
nginx
etag
W/"5f3b7b5e-90259"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
gateway.min.css
www2.heineken.com/browser-resources/css/ 		61 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4fccfe8cf63c0e7fd27d4c5dece73660f04b54b7ca4ed240acb189204e3281ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:54 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"83542f382e27d51:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=25363118
x-server
HCOM W3
accept-ranges
bytes
content-length
10179
date
Tue, 22 Sep 2020 19:14:11 GMT
visitoridentification.js
www2.heineken.com/layouts/system/
Redirect Chain
  • https://www2.heineken.com/layouts/system/VisitorIdentification.js
  • https://www2.heineken.com/layouts/system/visitoridentification.js
2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/layouts/system/visitoridentification.js
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 06 Oct 2016 14:01:33 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"02e725da1fd21:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-server
HCOM W1
accept-ranges
bytes
content-length
740
date
Tue, 22 Sep 2020 19:14:11 GMT

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Microsoft-IIS/8.5
status
301
date
Tue, 22 Sep 2020 19:14:11 GMT
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
https://www2.heineken.com/layouts/system/visitoridentification.js
x-server
HCOM W1
content-length
188
gateway.min.js
www2.heineken.com/browser-resources/scripts/ 		208 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/scripts/gateway.min.js?v=20190620_080554
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
541ceb0e2a5abfd4d33756b10cf1e23b1831969bc8a1ddf96c4b5df4b9c81dde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:54 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"a335f382e27d51:0"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=25967637
x-server
HCOM W3
accept-ranges
bytes
content-length
67815
date
Tue, 22 Sep 2020 19:14:11 GMT
logo.svg
www2.heineken.com/~/resources/heineken/shared/logo/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www2.heineken.com/~/resources/heineken/shared/logo/logo.svg?v=20200626_090525&la=en&hash=0182AFE90FC497ACD50747CCAC7941861B3C53E0
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6d14ed8a3ff44274f7c8dd154947ec765f3d5216fd3c1f60b6414665d990af65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
89aab70f1af2488c885828bc04fa7073
status
200
content-disposition
inline; filename="logo.svg"
vary
Accept-Encoding
content-length
3908
last-modified
Fri, 26 Jun 2020 09:05:25 GMT
server
Microsoft-IIS/8.5
date
Tue, 22 Sep 2020 19:14:11 GMT
x-frame-options
DENY
content-type
image/svg+xml
cache-control
public, max-age=29137571
x-server
HCOM W2
accept-ranges
bytes
expires
Thu, 26 Aug 2021 01:00:22 GMT
smiling-e-white.png
www2.heineken.com/~/resources/heineken/shared/footer-icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www2.heineken.com/~/resources/heineken/shared/footer-icons/smiling-e-white.png?v=20200626_090148&process=crop&h=56&w=56&la=en&hash=46CC40BDFFAF85F77355EDD17122080FFB8D71A6
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
1c399af01bc869b35f1318fafa17279246dc7e6a80f3c0a2ef5fb0b18b1ee94e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 26 Jun 2020 09:01:48 GMT
server
Microsoft-IIS/8.5
etag
5418796784114db59d634589a5063001
x-frame-options
DENY
content-type
image/png
status
200
cache-control
public, max-age=29157253
x-server
HCOM W3
content-disposition
inline; filename="smiling e white.png"
accept-ranges
bytes
content-length
6265
date
Tue, 22 Sep 2020 19:14:11 GMT
expires
Thu, 26 Aug 2021 06:28:24 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
2430
date
Tue, 22 Sep 2020 18:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 22 Sep 2020 20:33:41 GMT
1.gif
nexus.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=2681&i=82avvs&p=heineken-prd&s=315&d=8E57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuMzg1IiwiY2xpZW50SWQiOjI2ODEsInB1Ymxpc2hQYXRoIjoiaGVpbmVrZW4tcHJkIiwiaW5zdGFuY2UvAPAUIjgyYXZ2cyIsInBhY2tldCI6MCwibW9kZSI6ImVuZm9yY2VfAPIpb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHbG9iYWwiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS6AGAiLCJ0eXBTAPAPYmlsbGluZyIsInN0YXJ0IjoxNjAwODAyMDUxOTExXACgZCI6LTEsInNvdXsAIjoiKwBBdHVzIgwAYHJlYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Tue, 22 Sep 2020 19:14:11 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 22 Sep 2020 19:14:10 GMT
main.min.css
www2.heineken.com/browser-resources/css/ 		0
43 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/css/main.min.css?v=20190620_080554
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:54 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"3f403b382e27d51:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=25967726
x-server
HCOM W1
accept-ranges
bytes
content-length
43869
date
Tue, 22 Sep 2020 19:14:11 GMT
main.min.js
www2.heineken.com/browser-resources/scripts/ 		0
111 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/scripts/main.min.js?v=20190620_080554
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:54 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"3def6a382e27d51:0"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=25967507
x-server
HCOM W3
accept-ranges
bytes
content-length
113513
date
Tue, 22 Sep 2020 19:14:11 GMT
gateway.min.js
www2.heineken.com/browser-resources/scripts/ 		0
67 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/scripts/gateway.min.js?v=20190620_080554
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/agegateway?returnurl=%2fnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:54 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"a335f382e27d51:0"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=25967637
x-server
HCOM W3
accept-ranges
bytes
content-length
67815
date
Tue, 22 Sep 2020 19:14:11 GMT
futura-condensed.woff2
www2.heineken.com/browser-resources/fonts/futura/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/fonts/futura/futura-condensed.woff2
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
008c8eed970f7db0b32b135325b06e7103431da0acaec0e7ccf3214a1636b02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Origin
https://www2.heineken.com
Referer
https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Jun 2019 06:05:55 GMT
server
Microsoft-IIS/8.5
status
200
etag
"cabf1d392e27d51:0"
x-frame-options
DENY
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2522907
x-server
HCOM W3
accept-ranges
bytes
content-length
21356
date
Tue, 22 Sep 2020 19:14:11 GMT
futura-condensed-bold.woff2
www2.heineken.com/browser-resources/fonts/futura/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www2.heineken.com/browser-resources/fonts/futura/futura-condensed-bold.woff2
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c5d07555f829fcdac34ec5c2f46c494c44005c7f3f690be7f70c2b401ce4e3cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Origin
https://www2.heineken.com
Referer
https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Jun 2019 06:05:55 GMT
server
Microsoft-IIS/8.5
status
200
etag
"66fd18392e27d51:0"
x-frame-options
DENY
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=1042269
x-server
HCOM W3
accept-ranges
bytes
content-length
19716
date
Tue, 22 Sep 2020 19:14:11 GMT
world.svg
www2.heineken.com/browser-resources/img/icons/ 		1 KB
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www2.heineken.com/browser-resources/img/icons/world.svg
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d5ba70c3bddda60cfd8531d30dd9ecd0dbc8bbb1afff6e8939af2dfa79468adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 06:05:55 GMT
server
Microsoft-IIS/8.5
x-frame-options
DENY
etag
"46be3c392e27d51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=379036
x-server
HCOM W3
accept-ranges
bytes
content-length
535
date
Tue, 22 Sep 2020 19:14:12 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TB5K7P
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/heineken/heineken-prd/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0321b3ce16ac0973cde6d6d890b5567629b89376bddbaa62a5cdeb50c869d679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 19:14:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55962
x-xss-protection
0
expires
Tue, 22 Sep 2020 19:14:12 GMT
serverComponent.php
nexus.ensighten.com/heineken/heineken-prd/ 		283 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/heineken/heineken-prd/serverComponent.php?r=843005856.7397336&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/heineken/heineken-prd/code/&publishedOn=Tue%20Aug%2018%2006:55:23%20GMT%202020&ClientID=2681&PageID=https%3A%2F%2Fwww2.heineken.com%2Fagegateway%3Freturnurl%3D%252fnl
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/heineken/heineken-prd/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d9250d8f47aab43c15ae49ea4373f646803e47192ba0ea1a98034cd10c4bc4e7

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 22 Sep 2020 19:14:12 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
283
expires
Tue, 22 Sep 2020 19:14:11 GMT
bg-agegateway.jpg
www2.heineken.com/browser-resources/img/backgrounds/body/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www2.heineken.com/browser-resources/img/backgrounds/body/bg-agegateway.jpg
Requested by
Host: www2.heineken.com
URL: https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.132 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-213-161-132.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6d527c9303ef980bc29092e9c55b3e71e7bfa74c7724e7e6daa3e0ac568078e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://www2.heineken.com/browser-resources/css/gateway.min.css?v=20190620_080554
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Jun 2019 06:05:56 GMT
server
Microsoft-IIS/8.5
etag
"a57e9e392e27d51:0"
x-frame-options
DENY
content-type
image/jpeg
status
200
cache-control
max-age=116956
x-server
HCOM W3
accept-ranges
bytes
content-length
55035
date
Tue, 22 Sep 2020 19:14:12 GMT
e2baa36764a2876932b220e696961f36.js
nexus.ensighten.com/heineken/heineken-prd/code/ 		249 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/heineken/heineken-prd/code/e2baa36764a2876932b220e696961f36.js?conditionId0=4886743
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/heineken/heineken-prd/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eaf1457c762639f4933f7277df5224f8ce7be2102805027ab56e8faf4f8c0444

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 19:14:12 GMT
last-modified
Tue, 18 Aug 2020 06:55:26 GMT
server
nginx
etag
"5f3b7b5e-f9"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
249
1.gif
nexus.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/privacy/v1/b/1.gif?n=1&c=2681&i=82avvs&p=heineken-prd&s=4920&d=8E57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuMzg1IiwiY2xpZW50SWQiOjI2ODEsInB1Ymxpc2hQYXRoIjoiaGVpbmVrZW4tcHJkIiwiaW5zdGFuY2UvAPAUIjgyYXZ2cyIsInBhY2tldCI6MSwibW9kZSI6ImVuZm9yY2VfAPIpb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHbG9iYWwiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS6AONodHRwczovL3d3dzIuaI0A8RUuY29tL2xheW91dHMvc3lzdGVtL1Zpc2l0b3JJZGVudGlmaWNBACAuap8AMHR5cJQA0HNjcmlwdCIsInN0YXKuAMA2MDA4MDIwNTE5MjWcAEdkIjoxFABgOSwic291xgBROiJtdXRRAKJPYnNlcnZlckNMSACQdHVzIjoibG9hHQFgcmVhc29uxgDUXSwiZGF0YVBhdHRlchIAu2xpc3QiOltdLCJpagA_NX0s-AAXomJyb3dzZXItcmWeACJzL9kAI3Mv3gH_DS5taW4uanM_dj0yMDE5MDYyMF8wODA1NTQiLCILAQ8uMzALAQAXAgJtAB8iCwFMLzMwCwEZJn4vBQEEHALBL3NoYXJlZC9sb2dvBQBBLnN2ZwwB9jIyMDA2MjZfMDkwNTI1JmxhPWVuJmhhc2g9MDE4MkFGRTkwRkM0OTdBQ0Q1MDc0N0NDQUM3OTQxODYxQjNDNTNFMEABMmltZwACC0gCLDg2PQFPMjAzMUgCVS84Nj0BNfwQZm9vdGVyLWljb25zL3NtaWxpbmctZS13aGl0ZS5wblAB8AgxNDgmcHJvY2Vzcz1jcm9wJmg9NTYmdwUAB2cB_xk0NkNDNDBCREZGQUY4NUY3NzM1NUVERDE3MTIyMDgwRkZCOEQ3MUE2ZwEPHTmkAk8yMDUzZwFVHzmkAgvxAi5nb29nbGUtYW5hbHl0aWNzrgT1Fmd0bS9qcz9pZD1HVE0tSzJRTE5XNCZjaWQ9MTI2MDgxNDQ5Ny5-BBYyBAEC3QMPbgIATjIwNzhuAic4MgcBsGluc2VydEJlZm9yiwUyc3RhsARqYmxvY2tlswQgIlfdAQGkBA--BAkkIkHXABwiyQQAkQAPgQIH8QBuZXh1cy5lbnNpZ2h0ZW4VAQW0AwQJAFMtcHJkL2IF8ClvbXBvbmVudC5waHA_cj04NDMwMDU4NTYuNzM5NzMzNiZuYW1lc3BhY2U9Qm9vdHN0cmFwcGVyJuYAQGljSnPBBh89dgAXY2NvZGUvJv0G8AVlZE9uPVR1ZSUyMEF1ZyUyMDE4JT8E8AA6NTU6MjMlMjBHTVQlMjACACImQ0AHIEQ9PweBJlBhZ2VJRD23Bp0lM0ElMkYlMka9BmMlMkZhZ2WwBfAGJTNGcmV0dXJudXJsJTNEJTI1MmZuFwcPrQUNTzIwNDECAgAfNQICEA-yBioAeAAP6QH_Xg2hCD8yMDjpAVEPmwgID1wDFw_SA_8aHzfSAwwMigoSQRsGAtkFD9cDLR831wMHM3d3d9oGoXRhZ21hbmFnZXLFBTBndG1uCgPaBm9UQjVLN1C_BhIuMzLrAC85OL0ETy8zMuYAWh805gAMD9EBSS8zNOsAEQurCAa5CA8-DRI-MjEwnQQ_MTA2yQEQD4gIRC8xMLYECAbIAg_3AC4OfwkvMTDAAhEP9wBGHzjuAQcCFgliLmhvdGphuAMiYy8NAIAtMTM0NzI0M8UDT3N2PTe8AxEuMTF5CAEUAAUmDg97Clw_MTEx_AAHD6kGFwEFCvARZTJiYWEzNjc2NGEyODc2OTMyYjIyMGU2OTY5NjFmMzYpAVBjb25kaaMQv0lkMD00ODg2NzQzOQERLjA4DwQvMTW0CxEP2wUsHzgKBAgPIAF6D0wEAAkgAQ8vBULAODAyMDUyMDg1fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www2.heineken.com/agegateway?returnurl=%2fnl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Tue, 22 Sep 2020 19:14:14 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 22 Sep 2020 19:14:13 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer string| GoogleAnalyticsObject function| ga object| ensBootstraps object| Bootstrapper object| ensClientConfig string| tag object| ensLogger boolean| ensBrowserSupported string| bannerMarkup object| testElements object| gateway string| tagName function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent function| hello object| context object| modules function| $ function| jQuery object| viewportUnitsBuggyfill function| WOW object| wow function| onFontsLoad boolean| isWindowsPhone boolean| isAndroid boolean| isAndroidOld boolean| hasPushyScrollbars function| Awesomplete object| scrolling boolean| cancelBlur object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| category object| google_tag_manager function| hj object| _hjSettings function| onYouTubeIframeAPIReady function| handleKeyCancel function| handleKeySave function| saveCookies function| handleTabFocus

6 Cookies

Domain/Path Name / Value
.heineken.com/ Name: _ga
Value: GA1.2.1260814497.1600802052
.heineken.com/ Name: HEINEKEN_ENSIGHTEN_PRIVACY_version
Value: 1.0
www2.heineken.com/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 566116a1cc4b4be58b43c5ac5a4663f6|False
www2.heineken.com/ Name: cc_consent
Value: true
.heineken.com/ Name: _gid
Value: GA1.2.1639153819.1600802052
www2.heineken.com/ Name: ASP.NET_SessionId
Value: 4kzjdfvjaiwf10zedtw0q2ve

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN DENY