urlscan.io logo urlscan.io
SecurityTrails logo

allianz-sportspass.co.uk Open in urlscan Pro
57.153.40.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://allianz-sportspass.co.uk/
Effective URL: https://allianz-sportspass.co.uk/holding
Submission: On November 26 via manual from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 57.153.40.66, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is allianz-sportspass.co.uk.
TLS certificate: Issued by R11 on October 22nd 2024. Valid for: 3 months.
This is the only time allianz-sportspass.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 57.153.40.66 8075 (MICROSOFT...)
2 35.190.14.188 15169 (GOOGLE)
3 20.150.47.132 8075 (MICROSOFT...)
6 35.241.3.184 396982 (GOOGLE-CL...)
2 34.120.28.121 396982 (GOOGLE-CL...)
2 35.201.111.240 396982 (GOOGLE-CL...)
1 34.95.108.180 396982 (GOOGLE-CL...)
21 7
6    57.153.40.66 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
allianz-sportspass.co.uk
2    35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com
app.usercentrics.eu
3    20.150.47.132 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ukzd365prdstr.blob.core.windows.net
6    35.241.3.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.3.241.35.bc.googleusercontent.com
api.usercentrics.eu
2    34.120.28.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.28.120.34.bc.googleusercontent.com
aggregator.service.usercentrics.eu
2    35.201.111.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.111.201.35.bc.googleusercontent.com
consent-api.service.consent.usercentrics.eu
1    34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
uct.service.usercentrics.eu
Apex Domain
Subdomains		 Transfer
13 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 8924
api.usercentrics.eu — Cisco Umbrella Rank: 6334
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 6659
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15010
uct.service.usercentrics.eu — Cisco Umbrella Rank: 17187
206 KB
6 allianz-sportspass.co.uk
allianz-sportspass.co.uk
50 KB
3 windows.net
ukzd365prdstr.blob.core.windows.net
174 KB
21 3
Domain Requested by
6 api.usercentrics.eu app.usercentrics.eu
6 allianz-sportspass.co.uk 1 redirects allianz-sportspass.co.uk
3 ukzd365prdstr.blob.core.windows.net allianz-sportspass.co.uk
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
2 aggregator.service.usercentrics.eu app.usercentrics.eu
2 app.usercentrics.eu allianz-sportspass.co.uk
1 uct.service.usercentrics.eu
21 7

This site contains links to these domains. Also see Links.

Domain
myinsurance.allianz.co.uk
www.allianz.co.uk
Subject Issuer Validity Valid
allianz-sportspass.co.uk
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
app.usercentrics.eu
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-25 -
2025-04-23		 6 months crt.sh
api.usercentrics.eu
WR3		 2024-09-30 -
2024-12-29		 3 months crt.sh
aggregator.service.usercentrics.eu
WR3		 2024-11-05 -
2025-02-03		 3 months crt.sh
consent-api.service.consent.usercentrics.eu
WR3		 2024-09-27 -
2024-12-27		 3 months crt.sh
uct.service.usercentrics.eu
WR3		 2024-11-15 -
2025-02-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://allianz-sportspass.co.uk/holding
Frame ID: 1D3C3DBC5FFBA06D79ECC27ABDD213FB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Holding Page

Page URL History Show full URLs

  1. http://allianz-sportspass.co.uk/ HTTP 307
    https://allianz-sportspass.co.uk/ HTTP 307
    https://allianz-sportspass.co.uk/holding Page URL

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

7
IPs

3
Countries

429 kB
Transfer

1040 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://allianz-sportspass.co.uk/ HTTP 307
    https://allianz-sportspass.co.uk/ HTTP 307
    https://allianz-sportspass.co.uk/holding Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request holding
allianz-sportspass.co.uk/
Redirect Chain
  • http://allianz-sportspass.co.uk/
  • https://allianz-sportspass.co.uk/
  • https://allianz-sportspass.co.uk/holding
84 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71867059023c62812a4f5b44db1c284af0eef697300c101b63c496d84bcc01fc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://purecatamphetamine.github.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private, max-age=604800
Connection
keep-alive
Content-Encoding
br
Content-Security-Policy
default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://purecatamphetamine.github.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Content-Type
text/html
Date
Tue, 26 Nov 2024 10:35:06 GMT
Expires
0
Last-Modified
Tue, 05 Nov 2024 14:22:20 GMT
Link
<http://www.allianz-sportspass.co.uk/holding>; rel="canonical"
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
X-Rate-Limit-Reset
2024-11-26T10:36:06.9765145Z
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 26 Nov 2024 10:35:06 GMT
Expires
0
Link
<http://www.allianz-sportspass.co.uk/>; rel="canonical"
Location
holding
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Rate-Limit-Limit
1m
X-Rate-Limit-Remaining
1999
X-Rate-Limit-Reset
2024-11-26T10:36:06.9568098Z
X-XSS-Protection
0
widget.module.min.js
allianz-sportspass.co.uk/scripts/ 		42 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allianz-sportspass.co.uk/scripts/widget.module.min.js
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
387b81595633c48bc934c73a4a9a95fb56cb144c93a71fb688a318c2e025d476
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://allianz-sportspass.co.uk
Referer

Response headers

Content-Encoding
br
ETag
"1db39825a3cc432"
X-Rate-Limit-Limit
1m
X-Content-Type-Options
nosniff
Date
Tue, 26 Nov 2024 10:35:07 GMT
Content-Type
application/javascript
Last-Modified
Mon, 18 Nov 2024 06:23:16 GMT
Vary
Accept-Encoding
X-Rate-Limit-Remaining
1999
X-Frame-Options
DENY
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Cache-Control
public, max-age=604800
X-Rate-Limit-Reset
2024-11-26T10:36:07.0369403Z
Connection
keep-alive
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Accept-Ranges
bytes
X-XSS-Protection
0
bundle.js
app.usercentrics.eu/browser-ui/latest/ 		707 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/bundle.js
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9ab8856fd50b3896e3ac4704f85a5e9e9d0b7ef83c9bf1d7078fed4147c570cf
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
content-encoding
gzip
x-goog-hash
crc32c=F4wAHw==, md5=Z/GGZGVDDL0Q/IqGORoGjA==
etag
"67f1866465430cbd10fc8a86391a068c"
age
1828
x-goog-stored-content-encoding
gzip
expires
Tue, 26 Nov 2024 11:04:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
197321
date
Tue, 26 Nov 2024 10:04:39 GMT
last-modified
Thu, 14 Nov 2024 09:57:59 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC5KpUV7Kvoo-LuhGybzkN-LoOXxCt9qwy97x_WmGTyKE9DVfhJM3pmvcSXDiM2RwBPAXt0Yawpd7g
strict-transport-security
max-age=7776000
cache-control
public, max-age=3600, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731578279581394
content-length
197321
server
UploadServer
AZ_Logo_blue_RGB.png
ukzd365prdstr.blob.core.windows.net/images/986/1219/269c4fd4-30fd-4c22-8139-56a7b06f66e9/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukzd365prdstr.blob.core.windows.net/images/986/1219/269c4fd4-30fd-4c22-8139-56a7b06f66e9/AZ_Logo_blue_RGB.png
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4fcc14af5674f5cdffc4b140cedf2b18c6ec6a433bcf0fa0af61d9cf7bc09c13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DC9451B7694522
x-ms-request-id
6675dc4e-601e-0044-27ee-3f4143000000
Access-Control-Allow-Origin
*
Content-Length
22881
Date
Tue, 26 Nov 2024 10:35:07 GMT
Content-Type
image/png
Last-Modified
Mon, 24 Jun 2024 13:29:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
AllianzNeo-Regular.ttf
ukzd365prdstr.blob.core.windows.net/fonts/986/1219/91c6d00f-d5de-41fc-9707-91095c57b2b1/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukzd365prdstr.blob.core.windows.net/fonts/986/1219/91c6d00f-d5de-41fc-9707-91095c57b2b1/AllianzNeo-Regular.ttf
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aab51805314fb7e5430eca6acc8fc8ddd2067e8c71fb1983636de18ebf4a4ab5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://allianz-sportspass.co.uk
Referer
https://allianz-sportspass.co.uk/

Response headers

Content-MD5
7dAIFnGAIxBb8ICb4dpT2Q==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DC913457AC90A8
x-ms-request-id
fef13e2b-b01e-002b-71ee-3fe997000000
Access-Control-Allow-Origin
*
Content-Length
77464
Date
Tue, 26 Nov 2024 10:35:06 GMT
Content-Type
application/octet-stream
Last-Modified
Thu, 20 Jun 2024 14:21:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
AllianzNeo-SemiBold.ttf
ukzd365prdstr.blob.core.windows.net/fonts/986/1219/d6d1bcdb-7818-4959-9411-d164a775575f/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukzd365prdstr.blob.core.windows.net/fonts/986/1219/d6d1bcdb-7818-4959-9411-d164a775575f/AllianzNeo-SemiBold.ttf
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.47.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
045679b048ddb92d42aa4a55c499f873827802bd8e1fd9e2a4b58333f8065eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://allianz-sportspass.co.uk
Referer
https://allianz-sportspass.co.uk/

Response headers

Content-MD5
0pJ3hq0X2z79QHVRyTdY/w==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DC913457B14AE9
x-ms-request-id
be115654-401e-003e-42ee-3f2b0e000000
Access-Control-Allow-Origin
*
Content-Length
76616
Date
Tue, 26 Nov 2024 10:35:06 GMT
Content-Type
application/octet-stream
Last-Modified
Thu, 20 Jun 2024 14:21:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
languages.json
api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://allianz-sportspass.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 10:35:07 GMT
expires
Tue, 26 Nov 2024 10:35:07 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLNH
x-guploader-uploadid
AFiumC4XwuiGGDhDVH5Xm0TkctE_9WvSopkzJzlGjGkeJHmDRRD9av_JLmSs8AFSpG3FPHsCy7SGIrOGBg
languages.json
api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/ 		56 B
584 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a75d094caba33ac05120819a5fd16b225bcd6ceda6d4b507d6dac56d3bbd4320
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=SJK0Nw==, md5=e0zj72WAe2KwYdcMiqWgnw==
etag
"7b4ce3ef65807b62b061d70c8aa5a09f"
x-goog-stored-content-encoding
gzip
expires
Tue, 26 Nov 2024 10:36:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
61
x-client-geo-location
NL,NLNH
date
Tue, 26 Nov 2024 10:35:07 GMT
last-modified
Tue, 16 Jul 2024 08:01:56 GMT
vary
Accept-Encoding
content-type
application/json
x-guploader-uploadid
AFiumC66oLH9Y66A5twr-kwfScbbO9KilpGjGT-TBc96VEKoF3dVeMhOOWEY83F485EreXl2lH6Mq6aAeQ
strict-transport-security
max-age=7776000
cache-control
public, max-age=1800, s-maxage=60
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721116916873542
content-length
61
server
UploadServer
security-violation
allianz-sportspass.co.uk/api/reports/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://allianz-sportspass.co.uk/api/reports/security-violation
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Cache-Control
no-cache, no-store
Pragma
no-cache
X-Rate-Limit-Limit
1m
X-Rate-Limit-Reset
2024-11-26T10:36:07.5454174Z
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Expires
0
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Date
Tue, 26 Nov 2024 10:35:07 GMT
X-XSS-Protection
0
X-Rate-Limit-Remaining
59
X-Frame-Options
DENY
favicon.ico
allianz-sportspass.co.uk/ 		0
833 B 		Other
General
Check archive.org
Download Go to
Full URL
https://allianz-sportspass.co.uk/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

X-Rate-Limit-Limit
1m
X-Content-Type-Options
nosniff
Expires
0
Date
Tue, 26 Nov 2024 10:35:07 GMT
X-Rate-Limit-Remaining
1999
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Cache-Control
no-cache, no-store
Pragma
no-cache
X-Rate-Limit-Reset
2024-11-26T10:36:07.5639424Z
Connection
keep-alive
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Content-Length
0
X-XSS-Protection
0
en.json
api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/ 		21 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c51e6bfc0245b7d832b6df8410d4a6ff5683dedbcf0ce5ac461e3c22acf63f7a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=ixv0WQ==, md5=BjJUQ5mLe2ksvkCEqCCOFg==
etag
"06325443998b7b692cbe4084a8208e16"
x-goog-stored-content-encoding
gzip
expires
Tue, 26 Nov 2024 10:36:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6989
x-client-geo-location
NL,NLNH
date
Tue, 26 Nov 2024 10:35:08 GMT
last-modified
Tue, 16 Jul 2024 08:01:56 GMT
vary
Accept-Encoding
content-type
application/json
x-guploader-uploadid
AFiumC4S0kT8tVE3oPauTHyNvuBcQu3CXJW1P8pLtqEYhTnS5zNFI7MMpKuCNj0QzrW9jzrq-OI
strict-transport-security
max-age=7776000
cache-control
public, max-age=1800, s-maxage=60
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721116916883897
content-length
6989
server
UploadServer
en.json
api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/99Vv5SXHBG09rh/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://allianz-sportspass.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 10:35:07 GMT
expires
Tue, 26 Nov 2024 10:35:07 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLNH
x-guploader-uploadid
AFiumC7PgvMaPgArGgP2Bxdk98EWV315_lXMQm6B7KiiTBt53UT_w51InYRSGjsLRXc3kaGA_iY
1px.png
app.usercentrics.eu/session/ 		489 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=99Vv5SXHBG09rh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag
"3702ada73b8951017b8451cbd6a96523"
age
1563
x-goog-stored-content-encoding
gzip
expires
Tue, 26 Nov 2024 10:39:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
522
date
Tue, 26 Nov 2024 10:09:05 GMT
last-modified
Fri, 08 May 2020 09:06:13 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4swMLts8IzNlvAKDATaNjlPHuR1B9m3MgfnLV3N2Z3SF5-TGkV402ZXr6o8FZaNIj1fdvl9z32fA
strict-transport-security
max-age=7776000
cache-control
public,max-age=1800,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1588928773413784
content-length
522
server
UploadServer
translations-en.json
api.usercentrics.eu/translations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
83f30e193310357de1dc66af45aadb441197cb4e564be4fd3c75dcfb30139626
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=WGJ+BQ==, md5=ziEP+E+JKl2rj8BJI28/9Q==
etag
"ce210ff84f892a5dab8fc049236f3ff5"
age
17129
x-goog-stored-content-encoding
gzip
expires
Wed, 27 Nov 2024 05:49:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2491
x-client-geo-location
NL,NLNH
date
Tue, 26 Nov 2024 05:49:39 GMT
last-modified
Wed, 20 Nov 2024 09:14:41 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AFiumC42d-oYsGzU3XoN5cjb_EqgRnz-AwN8xQUhFcb3lFSpNddYHUnIK_yKHwSyphFaMIimt5CxvwXZdQ
strict-transport-security
max-age=7776000
cache-control
public, max-age=86400, s-maxage=86400
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1732094081472495
content-length
2491
server
UploadServer
translations-en.json
api.usercentrics.eu/translations/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://allianz-sportspass.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 10:35:08 GMT
expires
Tue, 26 Nov 2024 10:35:08 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLNH
x-guploader-uploadid
AFiumC5n6a55tmhmUqsoIAy5H9iF9iBe681q7vmU2w1g6xnieYmukVUo_bSShb0Qa1vL7tN1y9g
en
aggregator.service.usercentrics.eu/aggregate/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=H1Vl5NidjWX@40.17.45,W4O3lErgK0iSoN@2.0.0
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.28.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.28.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9e381d919775f25e9a2cf07fc5133225f121642a1eaf75b5e463066ba9438a14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cache-control
public,max-age=2592000
content-encoding
br
etag
"fgiunv"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 10:35:08 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, accept-encoding
server
Google Frontend
en
aggregator.service.usercentrics.eu/aggregate/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=H1Vl5NidjWX@40.17.45,W4O3lErgK0iSoN@2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.28.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.28.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://allianz-sportspass.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 26 Nov 2024 10:35:08 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
a00eb63ffafd1f4938250e8eb07f044b
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://allianz-sportspass.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 26 Nov 2024 10:35:08 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
c6024d5bbe89390a814f316bcd1d7a7f
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
86 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

X-Request-ID
df3331ed-5705-416f-9438-70fc5fd0b9c0
Access-Control-Allow-Origin
*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 26 Nov 2024 10:35:08 GMT
x-cloud-trace-context
3321bc5c4311d02edeed9c7c92cc61b5
vary
Origin
server
Google Frontend
content-type
text/html
uct
uct.service.usercentrics.eu/ 		35 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=99Vv5SXHBG09rh&t=1&abv=&r=https%3A%2F%2Fallianz-sportspass.co.uk%2Fholding&cb=1732617308549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=7776000
cache-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
function-execution-id
2py3omjazfyj
date
Tue, 26 Nov 2024 10:35:08 GMT
content-type
image/gif
x-cloud-trace-context
2ea697fc4047fe6432aaf177019273d9
server
Google Frontend
security-violation
allianz-sportspass.co.uk/api/reports/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://allianz-sportspass.co.uk/api/reports/security-violation
Requested by
Host: allianz-sportspass.co.uk
URL: https://allianz-sportspass.co.uk/holding
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.153.40.66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Cache-Control
no-cache, no-store
Pragma
no-cache
X-Rate-Limit-Limit
1m
X-Rate-Limit-Reset
2024-11-26T10:36:07.5454174Z
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:0f2a55a2-221d-47c5-a251-47a3cd8e9c56
Expires
0
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),autoplay=("https://ukzd365devstr.blob.core.windows.net" "https://ukzd365uatstr.blob.core.windows.net" "https://ukzd365prdstr.blob.core.windows.net"),clipboard-write=(self)
Date
Tue, 26 Nov 2024 10:35:08 GMT
X-XSS-Protection
0
X-Rate-Limit-Remaining
58
X-Frame-Options
DENY

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| websiteSettings function| multiSelect function| responsiveMedia function| authenticationComponentExport function| selectAddressDropdown function| showSnackbar function| eventBus function| renderService function| debounce function| validateService function| authService function| localizationService function| replaceTranslation function| getTranslation function| navigationService function| trustedTypesStub function| getTranslationByKey object| items number| len object| friendlyChallenge function| __import__ boolean| UC_UI_IS_RENDERED string| __webpack_nonce__ object| dataLayer object| UC_UI

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://allianz-sportspass.co.uk/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-8l2fJv4vEfnAj1h+9oqOrvM3t7T5Y4tMTSncczJKJp0='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://*.usercentrics.eu https://cdnjs.cloudflare.com/ajax/libs/OverlappingMarkerSpiderfier/1.0.3/oms.min.js https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; style-src 'self' 'strict-dynamic' 'nonce-kRINVWSAlfB2r3oSzJI24w==' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.cosmosplatform.io https://*.tlccosmos.com https://*.usercentrics.eu https://*.googleapis.com *.google.com https://*.gstatic.com https://eu-api.friendlycaptcha.eu data: blob:; font-src 'self' https://fonts.gstatic.com https://ukzd365prdstr.blob.core.windows.net; frame-src 'self' *.google.com *.frcapi.com; img-src 'self' https://*.usercentrics.eu https://ukzd365prdstr.blob.core.windows.net https://purecatamphetamine.github.io https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:; manifest-src 'self'; child-src blob:; media-src 'self' https://ukzd365prdstr.blob.core.windows.net; worker-src blob:; frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0