urlscan.io logo urlscan.io
SecurityTrails logo

www.allianz-sportspass.co.uk Open in urlscan Pro
57.153.40.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.allianz-sportspass.co.uk/
Effective URL: https://www.allianz-sportspass.co.uk/test
Submission: On June 24 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 57.153.40.66, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.allianz-sportspass.co.uk.
TLS certificate: Issued by R11 on June 24th 2024. Valid for: 3 months.
This is the only time www.allianz-sportspass.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 57.153.40.66 8075 (MICROSOFT...)
9 20.150.47.132 8075 (MICROSOFT...)
17 3
Domain Requested by
9 ukzd365prdstr.blob.core.windows.net www.allianz-sportspass.co.uk
5 www.allianz-sportspass.co.uk 1 redirects www.allianz-sportspass.co.uk
17 2

This site contains links to these domains. Also see Links.

Domain
friendlycaptcha.com
Subject Issuer Validity Valid
allianz-sportspass.co.uk
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-04-11 -
2025-04-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.allianz-sportspass.co.uk/test
Frame ID: CBE5F056ADFAD53F552443474157A73F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Test

Page URL History Show full URLs

  1. https://www.allianz-sportspass.co.uk/ HTTP 307
    https://www.allianz-sportspass.co.uk/test Page URL

Page Statistics

17
Requests

76 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

2143 kB
Transfer

2265 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.allianz-sportspass.co.uk/ HTTP 307
    https://www.allianz-sportspass.co.uk/test Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request test
www.allianz-sportspass.co.uk/
Redirect Chain
  • https://www.allianz-sportspass.co.uk/
  • https://www.allianz-sportspass.co.uk/test
97 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e91c8504a0107c368f065cea4c85d8ca3a277d1d653ce6db366ab327e55e421
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, private, max-age=604800
Connection
keep-alive
Content-Encoding
br
Content-Security-Policy
default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Content-Type
text/html
Date
Mon, 24 Jun 2024 09:58:39 GMT
Expires
0
Last-Modified
Mon, 24 Jun 2024 09:56:30 GMT
Link
<http://www.allianz-sportspass.co.uk/test>; rel="canonical"
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
X-Rate-Limit-Reset
2024-06-24T09:59:39.3908408Z
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 24 Jun 2024 09:58:39 GMT
Expires
0
Link
<http://www.allianz-sportspass.co.uk/>; rel="canonical"
Location
test
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
X-Rate-Limit-Reset
2024-06-24T09:59:39.3563222Z
X-XSS-Protection
0
widget.module.min.js
www.allianz-sportspass.co.uk/scripts/ 		42 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allianz-sportspass.co.uk/scripts/widget.module.min.js
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
387b81595633c48bc934c73a4a9a95fb56cb144c93a71fb688a318c2e025d476
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://www.allianz-sportspass.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 09:58:39 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
0
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Referrer-Policy
no-referrer
Last-Modified
Fri, 21 Jun 2024 07:09:32 GMT
ETag
"1dac3a9f6e57832"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Rate-Limit-Reset
2024-06-24T09:59:39.7004710Z
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Accept-Ranges
bytes
Desktop%20Size.jpg
ukzd365prdstr.blob.core.windows.net/images/986/1219/ee35db97-5658-4e5c-9c3e-ad11ba416cf7/ 		860 KB
860 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/ee35db97-5658-4e5c-9c3e-ad11ba416cf7/Desktop%20Size.jpg
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b95d128a5c3689c409d322a0338d5d0c1d6ed603f9ef489c99287772d5d60595

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:38 GMT
Last-Modified
Mon, 24 Jun 2024 09:34:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9430D8CF103A
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
37a082c3-401e-003e-121d-c62b0e000000
x-ms-version
2009-09-19
Content-Length
880714
Tablet%20Size.jpg
ukzd365prdstr.blob.core.windows.net/images/986/1219/6098cae3-af64-40d4-8acb-ccfdc1cbd74a/ 		581 KB
582 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/6098cae3-af64-40d4-8acb-ccfdc1cbd74a/Tablet%20Size.jpg
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b100bf5272d3d157b09629c0074903ade9fc51ec9c397ee829d53ff77c15a82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Mon, 24 Jun 2024 09:54:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9433AC051F9A
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
39aa2a84-b01e-0002-5b1d-c69fd5000000
x-ms-version
2009-09-19
Content-Length
595293
Mobile%20Size.jpg
ukzd365prdstr.blob.core.windows.net/images/986/1219/d8e5fa79-6d11-4fe2-ad29-c94ba6ea4e00/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/d8e5fa79-6d11-4fe2-ad29-c94ba6ea4e00/Mobile%20Size.jpg
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
288884f7f25afa968e611ce18f52bd5dfa93a2d86d646a74779f3c5cad77f092

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Mon, 24 Jun 2024 09:54:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9433ABEEB4A7
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
0965265c-201e-002e-791d-c61de8000000
x-ms-version
2009-09-19
Content-Length
316094
Numbers-01.png
ukzd365prdstr.blob.core.windows.net/images/986/1219/f98267b1-120c-403c-a9f9-0988c7124286/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/f98267b1-120c-403c-a9f9-0988c7124286/Numbers-01.png
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f86b3429b6c8910daec1b8bb8876f693cb1bd88ca8c6bde0e640683e13cccdcf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:38 GMT
Last-Modified
Fri, 21 Jun 2024 15:38:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9208343DD767
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
22fc0135-d01e-0030-1c1d-c6c705000000
x-ms-version
2009-09-19
Content-Length
32931
Numbers-02.png
ukzd365prdstr.blob.core.windows.net/images/986/1219/67370b77-0687-48e6-a4c6-82e068cb52e9/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/67370b77-0687-48e6-a4c6-82e068cb52e9/Numbers-02.png
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8ae06438a4afc53e1457398f5c3d10760d620bfed025f5e4063827a90b429c99

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Fri, 21 Jun 2024 15:38:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9208343FABE9
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
543afb33-f01e-0068-071d-c6c37e000000
x-ms-version
2009-09-19
Content-Length
37590
Numbers-03.png
ukzd365prdstr.blob.core.windows.net/images/986/1219/c8450801-e87b-4826-94d3-6b4ed654ac79/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/c8450801-e87b-4826-94d3-6b4ed654ac79/Numbers-03.png
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef656c64adb288fcc9d23034915a22197ab469e7cb9ab8d5defb4353924fb6ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Fri, 21 Jun 2024 15:38:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DC9208343FF9FD
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
747b8f80-d01e-005d-0b1d-c66d2b000000
x-ms-version
2009-09-19
Content-Length
38241
AllianzNeo-Regular.ttf
ukzd365prdstr.blob.core.windows.net/fonts/986/1219/91c6d00f-d5de-41fc-9707-91095c57b2b1/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukzd365prdstr.blob.core.windows.net/fonts/986/1219/91c6d00f-d5de-41fc-9707-91095c57b2b1/AllianzNeo-Regular.ttf
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aab51805314fb7e5430eca6acc8fc8ddd2067e8c71fb1983636de18ebf4a4ab5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.allianz-sportspass.co.uk/
Origin
https://www.allianz-sportspass.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:38 GMT
Last-Modified
Thu, 20 Jun 2024 14:21:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7dAIFnGAIxBb8ICb4dpT2Q==
ETag
0x8DC913457AC90A8
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
dc092afe-f01e-0063-381d-c6db0a000000
x-ms-version
2009-09-19
Content-Length
77464
AllianzNeo-Bold.ttf
ukzd365prdstr.blob.core.windows.net/fonts/986/1219/73aef9fc-8019-4a5f-8056-ff6b8d46d81a/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukzd365prdstr.blob.core.windows.net/fonts/986/1219/73aef9fc-8019-4a5f-8056-ff6b8d46d81a/AllianzNeo-Bold.ttf
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6f3521833ce3d1fda503cc9b3c94ac14b25ae1018de00614072e7817c1abcfc3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.allianz-sportspass.co.uk/
Origin
https://www.allianz-sportspass.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Thu, 20 Jun 2024 14:21:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
r8IqMmGgArpLgSXne5GE6w==
ETag
0x8DC913457A36A3E
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
a723a66e-a01e-0052-121d-c680dd000000
x-ms-version
2009-09-19
Content-Length
82428
AllianzNeo-SemiBold.ttf
ukzd365prdstr.blob.core.windows.net/fonts/986/1219/d6d1bcdb-7818-4959-9411-d164a775575f/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukzd365prdstr.blob.core.windows.net/fonts/986/1219/d6d1bcdb-7818-4959-9411-d164a775575f/AllianzNeo-SemiBold.ttf
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
045679b048ddb92d42aa4a55c499f873827802bd8e1fd9e2a4b58333f8065eb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.allianz-sportspass.co.uk/
Origin
https://www.allianz-sportspass.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 24 Jun 2024 09:58:39 GMT
Last-Modified
Thu, 20 Jun 2024 14:21:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0pJ3hq0X2z79QHVRyTdY/w==
ETag
0x8DC913457B14AE9
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
823eef7f-a01e-0070-5e1d-c6eeeb000000
x-ms-version
2009-09-19
Content-Length
76616
security-violation
www.allianz-sportspass.co.uk/api/reports/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.allianz-sportspass.co.uk/api/reports/security-violation
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Pragma
no-cache
Date
Mon, 24 Jun 2024 09:58:39 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
59
X-Frame-Options
DENY
Cache-Control
no-cache, no-store
X-Rate-Limit-Reset
2024-06-24T09:59:39.7438356Z
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Connection
keep-alive
X-XSS-Protection
0
Expires
0
c70c9afa-28ac-4a16-90ae-2eca7010eee9
https://www.allianz-sportspass.co.uk/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.allianz-sportspass.co.uk/c70c9afa-28ac-4a16-90ae-2eca7010eee9
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9966
Content-Type
text/javascript
ffd4ca67-c3c9-4254-9c8f-18b431bb7194
https://www.allianz-sportspass.co.uk/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.allianz-sportspass.co.uk/ffd4ca67-c3c9-4254-9c8f-18b431bb7194
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9966
Content-Type
text/javascript
a093d3d0-9ce2-4d9c-8fbb-b06d96cad6b8
https://www.allianz-sportspass.co.uk/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.allianz-sportspass.co.uk/a093d3d0-9ce2-4d9c-8fbb-b06d96cad6b8
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9966
Content-Type
text/javascript
68567d73-a0ae-4e01-acf0-35b79b4b3628
https://www.allianz-sportspass.co.uk/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.allianz-sportspass.co.uk/68567d73-a0ae-4e01-acf0-35b79b4b3628
Requested by
Host: www.allianz-sportspass.co.uk
URL: https://www.allianz-sportspass.co.uk/test
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9966
Content-Type
text/javascript
favicon.ico
www.allianz-sportspass.co.uk/ 		0
833 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.allianz-sportspass.co.uk/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 09:58:40 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Pragma
no-cache
Referrer-Policy
no-referrer
X-Frame-Options
DENY
Cache-Control
no-cache, no-store
X-Rate-Limit-Reset
2024-06-24T09:59:40.3545950Z
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Expires
0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| multiSelect function| selectAddressDropdown function| showSnackbar function| eventBus function| renderService function| debounce function| validateService function| authService function| replaceTranslation function| getTranslation function| navigationService function| trustedTypesStub function| getTranslationByKey object| items number| len object| props string| ids object| els object| el object| friendlyChallenge

0 Cookies

6 Console Messages

Source Level URL
Text
security error URL: https://www.allianz-sportspass.co.uk/scripts/widget.module.min.js
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-DtJ0G5eArSV7tvvFUUeV7iyiWfBGflIkRW64/tmMWUk='), or a nonce ('nonce-...') is required to enable inline execution.
worker info URL: blob:https://www.allianz-sportspass.co.uk/c70c9afa-28ac-4a16-90ae-2eca7010eee9
Message:
FriendlyCaptcha failed to initialize WebAssembly, falling back to Javascript solver: CompileError: WebAssembly.compile(): Refused to compile or instantiate WebAssembly module because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:"
worker info URL: blob:https://www.allianz-sportspass.co.uk/ffd4ca67-c3c9-4254-9c8f-18b431bb7194
Message:
FriendlyCaptcha failed to initialize WebAssembly, falling back to Javascript solver: CompileError: WebAssembly.compile(): Refused to compile or instantiate WebAssembly module because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:"
worker info URL: blob:https://www.allianz-sportspass.co.uk/a093d3d0-9ce2-4d9c-8fbb-b06d96cad6b8
Message:
FriendlyCaptcha failed to initialize WebAssembly, falling back to Javascript solver: CompileError: WebAssembly.compile(): Refused to compile or instantiate WebAssembly module because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:"
worker info URL: blob:https://www.allianz-sportspass.co.uk/68567d73-a0ae-4e01-acf0-35b79b4b3628
Message:
FriendlyCaptcha failed to initialize WebAssembly, falling back to Javascript solver: CompileError: WebAssembly.compile(): Refused to compile or instantiate WebAssembly module because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:"
network error URL: https://www.allianz-sportspass.co.uk/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-jyFJLWcR8Ff/aIO22bAsag==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0