urlscan.io logo urlscan.io
SecurityTrails logo

secure.halifaxurcatravelinsurance.co.uk Open in urlscan Pro
85.159.154.31  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/...
Effective URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Submission Tags: falconsandbox
Submission: On May 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 33 HTTP transactions. The main IP is 85.159.154.31, located in Middlesbrough, United Kingdom and belongs to AXA_INSURANCE, GB. The main domain is secure.halifaxurcatravelinsurance.co.uk.
TLS certificate: Issued by QuoVadis Global SSL ICA G2 on January 13th 2021. Valid for: a year.
This is the only time secure.halifaxurcatravelinsurance.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lloyds (Banking)

Domain & IP information

IP Address AS Autonomous System
1 19 85.159.154.31 34746 (AXA_INSUR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.111.244.187 16625 (AKAMAI-AS)
4 3.208.129.210 14618 (AMAZON-AES)
1 99.86.242.33 16509 (AMAZON-02)
1 52.24.132.88 16509 (AMAZON-02)
33 6
19    85.159.154.31 (Middlesbrough, United Kingdom)

ASN34746 (AXA_INSURANCE, GB)
secure.halifaxurcatravelinsurance.co.uk
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com
c.evidon.com
4    3.208.129.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-129-210.compute-1.amazonaws.com
l.evidon.com
1    99.86.242.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-33.vie50.r.cloudfront.net
cdn.appdynamics.com
1    52.24.132.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-132-88.us-west-2.compute.amazonaws.com
col.eum-appdynamics.com
Domain Requested by
19 secure.halifaxurcatravelinsurance.co.uk 1 redirects secure.halifaxurcatravelinsurance.co.uk
8 c.evidon.com secure.halifaxurcatravelinsurance.co.uk
c.evidon.com
4 l.evidon.com secure.halifaxurcatravelinsurance.co.uk
1 col.eum-appdynamics.com secure.halifaxurcatravelinsurance.co.uk
1 cdn.appdynamics.com secure.halifaxurcatravelinsurance.co.uk
1 www.googletagmanager.com secure.halifaxurcatravelinsurance.co.uk
33 6

This site contains no links.

Subject Issuer Validity Valid
secure.halifaxurcatravelinsurance.co.uk
QuoVadis Global SSL ICA G2		 2021-01-13 -
2022-01-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.evidon.com
DigiCert Secure Site ECC CA-1		 2020-04-29 -
2021-07-29		 a year crt.sh
*.appdynamics.com
DigiCert SHA2 Secure Server CA		 2020-05-17 -
2021-07-22		 a year crt.sh
*.eum-appdynamics.com
DigiCert SHA2 Secure Server CA		 2020-05-10 -
2021-07-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Frame ID: 3CDEB40D50695BE018AAB4F25AEF6C52
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Regist... HTTP 302
    https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

33
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

706 kB
Transfer

1566 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/96317EA50B84873640A38D0E1B64FA6A12C88A4D7D1E0D0DE4637041CFEABFD3 HTTP 302
    https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set EmailConfirmationDeclined
secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/
Redirect Chain
  • https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/96317EA50B84873640A38D0E1B64FA6A12C88A4D7D1E0D0DE4637...
  • https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
d8dab0871b4e299a8c667ef41bdd6f850ee8d8feb6b465e0db7e6b08f64f36a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
secure.halifaxurcatravelinsurance.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASP.NET_SessionId=st0kk0ten3ph5hyjxya5z50i; ADRUM_BTa=R:0|g:3440a223-809f-4a76-9882-205d4a83d402|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; SameSite=None; ADRUM_BT1=R:0|i:7590
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
X-AspNetMvc-Version
Set-Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Date
Wed, 12 May 2021 17:13:01 GMT
Content-Length
4051

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Server
X-AspNetMvc-Version
Set-Cookie
ASP.NET_SessionId=st0kk0ten3ph5hyjxya5z50i; path=/; secure; HttpOnly; SameSite=None ADRUM_BTa=R:0|g:3440a223-809f-4a76-9882-205d4a83d402|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:30 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:30 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:7590; expires=Wed, 12-May-2021 17:13:30 GMT; path=/; secure; HttpOnly AuthCookie=; expires=Tue, 12-May-2020 17:13:00 GMT; path=/; secure; HttpOnly; SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Date
Wed, 12 May 2021 17:13:00 GMT
Content-Length
186
Cookie set InstinctDefaultJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		512 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctDefaultJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=2sYm2toUudl5w7WRrgygBzR2JhL9xYZ1ZIqiUS3omgs1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
67270ed60b57d3b82bce4e7dc172973e61dd8980b12ab3fd30e622fa3f82296e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:02 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:02 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:a995b13f-b614-4363-bd0e-46abb3ea13b0|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:02 GMT,-1
Cookie set InstinctProductCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		12 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctProductCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=bxvkaMDkjKOQnkyXuaDDCPZrnIw_TXOmH49L-9VBlOc1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
69fdf7f625a626d3a1674e2dcf581f95ad34732702ff1d7e92850b391be1c9ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Length
4411
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:02 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:01 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:243ffde6-4cee-400d-88d3-08cf68ca2990|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:02 GMT,-1
Cookie set InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
682dd8ef398d79980a9c433a261f80f71752fbd40a9b5828cc8ee2d6e46d771e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Length
2663
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:02 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:01 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:5805be02-8d3c-4cda-8f51-a3f21756f081|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:02 GMT,-1
Cookie set InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		78 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
dc8c3dcf792118dcd62d156d3bcd584cfbb92d94ad84bf4adb37f9761d3fd85a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Length
18612
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:01 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:01 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:6375a2f2-fd32-451f-95c9-4f61113893b6|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:01 GMT,-1
Cookie set InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
a16218df3b7af2e06e607018d56a9aef7031d29752a58de7700a78493678c9d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Length
3673
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:01 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:01 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:10f3882b-8c39-4e96-b455-1d7dd9ddda13|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:31 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:01 GMT,-1
Cookie set InstinctProductJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctProductJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=53GZqqqmBEpbItPFTyBPDc4HU3A2445orHUH7eIm1FM1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
4a55a3b881aa5544406d4ddcc079c66888ac38b6c736c9d393ae1013d6a0a2c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Length
8700
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 12 May 2021 17:13:02 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:02 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:435d5873-4feb-45aa-add9-04e551f8eb62|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:13894; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Expires
Thu, 12 May 2022 17:13:02 GMT,-1
adrum.js
secure.halifaxurcatravelinsurance.co.uk/Sales/Content/_Common/_Common/_Common/js/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/Content/_Common/_Common/_Common/js/adrum.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
9b6cbf03f27f99216704175f492eb061fc41cf7b7560a270f7aeb3acfeb39d46
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
ADRUM_BTa=R:0|g:ae187d63-c0b2-4324-a78b-7c9536ee2bb9|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:0|i:13894; SameSite=None
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
"aa5e1e925437d71:0"
Content-Length
11304
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 22 Apr 2021 08:50:39 GMT
Server
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 17:13:01 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache,no-store,must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
Expires
-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/Instinct/png/partner-logo.png&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
b0c822b5e62fece989a701cfee0ac09de50a55e3932977f4e4e998f9a39b35d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Cookie
SameSite=None; ADRUM_BTa=R:116|g:a995b13f-b614-4363-bd0e-46abb3ea13b0|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:116|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
2668
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
gtm.js
www.googletagmanager.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJ7MNF
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87b8427d16cf77c5c01722177f1de3d45c4d6517bb91627bd47a6140e757ff60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40184
x-xss-protection
0
last-modified
Wed, 12 May 2021 16:02:01 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 May 2021 17:13:02 GMT
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/Instinct/png/partner-logo.png&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
b0c822b5e62fece989a701cfee0ac09de50a55e3932977f4e4e998f9a39b35d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:215|g:30c4b0c6-6216-4168-9164-83e22ae75b39|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:215|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
2668
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/axa-ava-logo-desktop-white.png&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
de1ca0fa320d82268980e53ae20b03ea69731d3ec1933018953ce1879df41e71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:215|g:e972cc86-d6af-4040-89d3-26a78e1761bb|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:215|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
5000
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaLight/AgendaLight.eot&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
c447748560afe0f87e312dfbc3a0db62a62fbd927002f88483eadd76b92d7479
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.ms-fontobject
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:205|g:9f9f346a-d6a6-45b6-aac0-ce358da643dd|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
77700
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankIcons-Regular.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
c85babb60c03fcd787070989a7be4bb76c50452725cd63e572e276cf4f5f2feb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:210|g:f429b6c3-48f5-4e5e-8f67-b83bbd9b4d48|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:210|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
13560
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankJackRegular/lloyds_bank_jack-regularWEB.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
991a121de8faf40ccce7ee09da5d5058a6a9fc0f116da0ae6661937d564718fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:205|g:a63788b1-ef2e-40dd-b409-05c0bbb1df96|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
64612
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaMedium/AgendaMedium.eot&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
3f5845b3b30729e98c75fd97ca59e35ccf1cccf8d6de5245aae9a94b5f03e44a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.ms-fontobject
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:205|g:dc781a7f-930e-4d74-9679-43ddafc313e5|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
51468
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankJackBold/lloyds_bank_jack-boldWEB.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
4ffa5ba9aace2783e510502a97ff98512795eebd59b5262e65becc6d5d0caca6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BTa=R:116|g:6de6ee76-2ccd-4735-86fe-89829dfc5baa|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; ADRUM_BT1=R:116|i:7592
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BTa=R:205|g:bd94ac17-fde7-4602-8abe-f81cd3ae57ea|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
75224
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ba16de2ea5df987cdb3e952edbe35fdbd1d7fd980a9d6c47fd0b4ff295ae873d

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:12:03 GMT
server
AkamaiNetStorage
etag
"fb37df1fe7988b6035e5205f025ac591:1620324723.456293"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
16182
expires
Fri, 14 May 2021 17:13:02 GMT
country.js
c.evidon.com/geo/ 		241 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
169321e39b8feb5403c970bcefde1b1c3c29145725887ae7e590f79a92a0eed1

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:43:04 GMT
server
AkamaiNetStorage
etag
"76b67a5507157b786621c476655c42b7:1584142984.873861"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
166
snthemes.js
c.evidon.com/sitenotice/6650/ 		183 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6650/snthemes.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
95df23cb74914e1f9a4752ebe4bc016ce661ff9963caba85b71abf703dfbc20b

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 08:21:42 GMT
server
AkamaiNetStorage
etag
"4c99d08db49f69c56d62f9f5ef2255f1:1620375702.164775"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
8176
expires
Fri, 14 May 2021 17:13:02 GMT
settings.js
c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/ 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settings.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bce8527f4277ccbdadee8ffff59913fd5eaea5d8c4a4b5c57fadaa0b14e3626d

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 12:28:00 GMT
server
AkamaiNetStorage
etag
"833dd558b08fb275454a1d051dd16992:1616588880.476872"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
733
expires
Fri, 14 May 2021 17:13:02 GMT
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaMedium/Agenda-Medium.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
e0f07b2ed9ef32b625706dca44c68eeb0037bea3bf4dea5fed37de4f9ee7a269
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BT1=R:205|i:7592; ADRUM_BTa=R:205|g:a63788b1-ef2e-40dd-b409-05c0bbb1df96|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BTa=R:205|g:564da3e2-8cee-4adb-b737-9b0e4e570f9e|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
22860
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
Cookie set /
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaLight/Agenda-Light.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
f928864d98010483c4b29e470ab13783056e7f9a49348a186e24ec7fe69e9183
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Accept-Encoding
gzip, deflate, br
Host
secure.halifaxurcatravelinsurance.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Cookie
SameSite=None; ADRUM_BT1=R:205|i:7592; ADRUM_BTa=R:205|g:a63788b1-ef2e-40dd-b409-05c0bbb1df96|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2
Connection
keep-alive
Origin
https://secure.halifaxurcatravelinsurance.co.uk
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 12 May 2021 17:13:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
ADRUM_BT1=R:205|i:7592; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly ADRUM_BTa=R:205|g:a2eaa992-9cc1-4c18-9806-5c4d634bc42d|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly SameSite=None; expires=Wed, 12-May-2021 17:13:32 GMT; path=/; secure; HttpOnly
Content-Length
30136
X-XSS-Protection
1; mode=block
Expires
Fri, 11 Jun 2021 17:13:02 GMT,-1
en.js
c.evidon.com/sitenotice/6650/translations/ 		110 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6650/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cfd931f76d87d15b5f64ece7c537ec13c1a071bbbbf575f5bff6283171757941

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 08:24:11 GMT
server
AkamaiNetStorage
etag
"bdb818afcc2492396bd4274163c1607a:1620375851.63161"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
8688
expires
Fri, 14 May 2021 17:13:02 GMT
evidon-barrier.js
c.evidon.com/sitenotice/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:12:04 GMT
server
AkamaiNetStorage
etag
"282d0aad6323c983709c8ba8921e53b6:1620324724.273057"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3930
expires
Fri, 14 May 2021 17:13:02 GMT
icong1.png
c.evidon.com/pub/ 		600 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1558455261"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
1
l.evidon.com/site/v3/6650/56400/20/1/3/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6650/56400/20/1/3/1?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.129.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-129-210.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
87827
l.evidon.com/site/v3/6650/56400/20/2/3/1/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6650/56400/20/2/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.129.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-129-210.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
87827
l.evidon.com/site/v3/6650/56400/20/1/3/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6650/56400/20/1/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.129.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-129-210.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
6650-20200324170107.png
c.evidon.com/logos/6650/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/logos/6650/6650-20200324170107.png
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3162a2d804b09a1377447d738570eba6d593b5685e342c9a64846475edc08828

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:02 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 17:01:09 GMT
server
AkamaiNetStorage
etag
"4fa129b72e3140ccfcfa339e5df3af04:1585069269.657428"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1915
87827
l.evidon.com/site/v3/6650/56400/20/5/3/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6650/56400/20/5/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.129.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-129-210.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 17:13:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
adrum-ext.7ee08ffc80eb95c73b3f07237ad42c17.js
cdn.appdynamics.com/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.7ee08ffc80eb95c73b3f07237ad42c17.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/Content/_Common/_Common/_Common/js/adrum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.242.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-242-33.vie50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
c94d2e301392469222a55cf1391a166eb60cd1a591723ab7c629ad430cb42dac

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 18:21:12 GMT
content-encoding
gzip
age
2155911
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2015 22:38:09 GMT
server
nginx/1.16.1
etag
W/"55ad7851-9230"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
VIE50-C1
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
jBSEu81IEdPLNVgAIyp95Hz9u5XzOF6TtfkYjE2u3zDDyAG_kM6I_A==
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAB-ZHR/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAB-ZHR/adrum
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/Content/_Common/_Common/_Common/js/adrum.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.132.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-132-88.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 May 2021 17:13:05 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
Connection
keep-alive
access-control-allow-headers
origin, content-type, accept
Content-Length
0
expires
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lloyds (Banking)

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| dateGreaterThanOrEqualTo function| SetupDateThreeField function| toggleUsAndUkDateFormats function| SetupDateTwoField function| isValidDate function| SetupDatepicker function| sendGATag function| SendDeselectionBenefitsGATag function| sendIsResponsivePageGATag function| sendGALoginError undefined| addressLookupUrl undefined| addressConfirmUrl undefined| clearPolicyholderAddressUrl undefined| enterHouseNumberNameUrl undefined| addressNotFoundUrl undefined| addressBfpoUrl object| address object| uiAjax undefined| verifyInstantServiceUrl object| interactiveHelp object| currentDate number| currentYear number| currentMonth number| currentYearTwoDigits number| maxExpiryYearTwoDigits number| acceptableMaxYearForPolicyStart string| todayDate string| firstOfThisMonthDate object| dayValidationRule object| monthValidationRule object| optionalMonthValidationRule object| yearValidationRule object| yearCardStartValidationRule object| yearCardExpiryValidationRule object| yearValidationRuleForCoverStart object| securityCodeRule object| issueNumberRule object| accountHoldersNameRule object| sortCodeRule object| sortCodePartRule object| accountNumberRule object| requiredAddressLineRule object| addressLineRule object| postcodeValidationRule object| emailValidationRule object| genericTelephoneNumberRule boolean| timeoutLoggingEnabled boolean| timeoutMessageEnabled object| sessionTimeoutManager function| $ function| jQuery object| ko object| html5 object| Modernizr function| disablePrintLinkIfUnsupported function| registerGlobalEvents function| clientValidationShouldSkipFor function| validateTwoDateInput function| turnOffAutoComplete function| setupContactPreferences function| setupContextualHelp function| showContextualHelp function| hideContextualHelp function| setupErrorMessaging function| showErrorCountInValidationSummaryBar function| openSlider function| resizeSliderFrame function| hasAndroidViewportChanged function| setupHealixSlider function| setupNonHealixSlider function| openAlert function| blockElementUntilContentLoaded function| unblockElementAfterContentHasLoaded function| closeSlider function| reloadPage function| closeAlert function| setValidationSummaryBarVisibility function| showContent function| isOverlay function| isBackOffice function| isFrontOffice function| openThawte function| pageShouldFadeRightHandSideContent function| setupTooltips function| isTouch function| isTablet function| isDesktop function| isMobile function| suppressKeyInputOverMaxLength function| makeButtonsNotEditable function| initNumberInputMaxLengths number| currentWindowHeight function| getWindowHeight string| newwindow number| windowHeight function| isSpecialCharacter object| setupHtmlInputControls function| dialogCreate function| dialogOpen function| dialogBeforeClose boolean| isDialogOpen number| scrollPosition function| isPhone object| global object| dataLayer string| applicationKey string| adrum-app-key number| adrum-start-time object| ADRUM function| getValueFromCookie object| google_tag_manager object| evidon object| evidonBarrier

3 Cookies

Domain/Path Name / Value
secure.halifaxurcatravelinsurance.co.uk/ Name: ADRUM_BTa
Value: R:205|g:a2eaa992-9cc1-4c18-9806-5c4d634bc42d|n:axadp_6413ba15-5a27-4e4b-8796-0e114290bca2
secure.halifaxurcatravelinsurance.co.uk/ Name: ADRUM_BT1
Value: R:205|i:7592
secure.halifaxurcatravelinsurance.co.uk/ Name: SameSite
Value: None

1 Console Messages

Source Level URL
Text
console-api log URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1)
Message:
Evidon -- evidon-notice-link not found on page, cant display the consent link.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.evidon.com
cdn.appdynamics.com
col.eum-appdynamics.com
l.evidon.com
secure.halifaxurcatravelinsurance.co.uk
www.googletagmanager.com
104.111.244.187
2a00:1450:4001:80f::2008
3.208.129.210
52.24.132.88
85.159.154.31
99.86.242.33
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746
169321e39b8feb5403c970bcefde1b1c3c29145725887ae7e590f79a92a0eed1
3162a2d804b09a1377447d738570eba6d593b5685e342c9a64846475edc08828
3f5845b3b30729e98c75fd97ca59e35ccf1cccf8d6de5245aae9a94b5f03e44a
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
4a55a3b881aa5544406d4ddcc079c66888ac38b6c736c9d393ae1013d6a0a2c3
4ffa5ba9aace2783e510502a97ff98512795eebd59b5262e65becc6d5d0caca6
67270ed60b57d3b82bce4e7dc172973e61dd8980b12ab3fd30e622fa3f82296e
682dd8ef398d79980a9c433a261f80f71752fbd40a9b5828cc8ee2d6e46d771e
69fdf7f625a626d3a1674e2dcf581f95ad34732702ff1d7e92850b391be1c9ed
87b8427d16cf77c5c01722177f1de3d45c4d6517bb91627bd47a6140e757ff60
95df23cb74914e1f9a4752ebe4bc016ce661ff9963caba85b71abf703dfbc20b
991a121de8faf40ccce7ee09da5d5058a6a9fc0f116da0ae6661937d564718fe
9b6cbf03f27f99216704175f492eb061fc41cf7b7560a270f7aeb3acfeb39d46
a16218df3b7af2e06e607018d56a9aef7031d29752a58de7700a78493678c9d2
b0c822b5e62fece989a701cfee0ac09de50a55e3932977f4e4e998f9a39b35d2
ba16de2ea5df987cdb3e952edbe35fdbd1d7fd980a9d6c47fd0b4ff295ae873d
bce8527f4277ccbdadee8ffff59913fd5eaea5d8c4a4b5c57fadaa0b14e3626d
c447748560afe0f87e312dfbc3a0db62a62fbd927002f88483eadd76b92d7479
c85babb60c03fcd787070989a7be4bb76c50452725cd63e572e276cf4f5f2feb
c94d2e301392469222a55cf1391a166eb60cd1a591723ab7c629ad430cb42dac
cfd931f76d87d15b5f64ece7c537ec13c1a071bbbbf575f5bff6283171757941
d8dab0871b4e299a8c667ef41bdd6f850ee8d8feb6b465e0db7e6b08f64f36a6
dc8c3dcf792118dcd62d156d3bcd584cfbb92d94ad84bf4adb37f9761d3fd85a
de1ca0fa320d82268980e53ae20b03ea69731d3ec1933018953ce1879df41e71
e0f07b2ed9ef32b625706dca44c68eeb0037bea3bf4dea5fed37de4f9ee7a269
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f928864d98010483c4b29e470ab13783056e7f9a49348a186e24ec7fe69e9183