secure.halifaxurcatravelinsurance.co.uk
85.159.154.31  Malicious Activity! Public Scan

Submitted URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/...
Effective URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Submission Tags: falconsandbox
Submission: On October 05 via api from US — Scanned from GB

Summary

This website contacted 4 IPs in 4 countries across 3 domains to perform 28 HTTP transactions. The main IP is 85.159.154.31, located in Middlesbrough, United Kingdom and belongs to AXA_INSURANCE, GB. The main domain is secure.halifaxurcatravelinsurance.co.uk.
TLS certificate: Issued by QuoVadis Global SSL ICA G2 on December 21st 2021. Valid for: a year.
This is the only time secure.halifaxurcatravelinsurance.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lloyds (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
17 (1 redirects) | 85.159.154.31 | 34746 (AXA_INSUR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
9 (1 redirects) | 23.205.241.144 | 16625 (AKAMAI-AS)
3 | 34.205.216.121 | 14618 (AMAZON-AES)
Total: 28 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
17 | halifaxurcatravelinsurance.co.uk | secure.halifaxurcatravelinsurance.co.uk | 587 KB
12 | evidon.com | c.evidon.com — Cisco Umbrella Rank: 1876; l.evidon.com — Cisco Umbrella Rank: 12022 | 48 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 129 | 52 KB
Total: 28 requests, 3 apex domains

Requests | Domain | Requested by
17 (1 redirects) | secure.halifaxurcatravelinsurance.co.uk | secure.halifaxurcatravelinsurance.co.uk
9 (1 redirects) | c.evidon.com | secure.halifaxurcatravelinsurance.co.uk; c.evidon.com
3 | l.evidon.com | secure.halifaxurcatravelinsurance.co.uk
1 | www.googletagmanager.com | secure.halifaxurcatravelinsurance.co.uk
Total: 28 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
secure.halifaxurcatravelinsurance.co.uk | QuoVadis Global SSL ICA G2 | 2021-12-21 - 2022-12-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.evidon.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-12 - 2023-04-12 | a year

This page contains 1 frames:

Primary Page: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Frame ID: B44201C5A4C78A1FEE09AB1C99AF806A
Requests: 28 HTTP requests in this frame

Page Title

Travel - Register

Page URL History

  1. https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Regist... HTTP 302
    https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 4
Transfer: 686 kB
Size: 1612 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/96317EA50B84873640A38D0E1B64FA6A12C88A4D7D1E0D0DE4637041CFEABFD3 HTTP 302
    https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settings.js HTTP 301
  • https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settingsV2.js

28 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request EmailConfirmationDeclined
secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/
Redirect Chain
  • https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/LloydsBankingGroup/Halifax/AvaTravel/Urca/Desktop/Registration/EmailConfirm/96317EA50B84873640A38D0E1B64FA6A12C88A4D7D1E0D0DE4637...
  • https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
7 KB
4 KB
Document
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
82a303c480eb39e5e50751f83ef89aafbed8a3366406bc1daf25b19d1a04bab6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Encoding
gzip
Content-Length
3286
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 05:11:08 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Length
186
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Oct 2022 05:10:53 GMT
Expires
-1
Location
/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
InstinctDefaultJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
513 KB
203 KB
Script
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctDefaultJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=6T-hEz94xYIu9SJwO7JgRbIeW-QsUVbKlmqe7uOul141
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
fe5c52ab319f9328fe2f37d1218e6f16aceefa98b891ed71611237789f7b76fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:08 GMT
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
InstinctProductCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
12 KB
5 KB
Stylesheet
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctProductCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=bxvkaMDkjKOQnkyXuaDDCPZrnIw_TXOmH49L-9VBlOc1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
69fdf7f625a626d3a1674e2dcf581f95ad34732702ff1d7e92850b391be1c9ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:09 GMT
Content-Length
4411
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
11 KB
3 KB
Stylesheet
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
682dd8ef398d79980a9c433a261f80f71752fbd40a9b5828cc8ee2d6e46d771e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:09 GMT
Content-Length
2663
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
78 KB
19 KB
Stylesheet
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
dc8c3dcf792118dcd62d156d3bcd584cfbb92d94ad84bf4adb37f9761d3fd85a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:08 GMT
Content-Length
18612
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
14 KB
4 KB
Stylesheet
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
a16218df3b7af2e06e607018d56a9aef7031d29752a58de7700a78493678c9d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:09 GMT
Content-Length
3673
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
InstinctProductJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All
secure.halifaxurcatravelinsurance.co.uk/Sales/
26 KB
9 KB
Script
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctProductJavascriptBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=53GZqqqmBEpbItPFTyBPDc4HU3A2445orHUH7eIm1FM1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
4a55a3b881aa5544406d4ddcc079c66888ac38b6c736c9d393ae1013d6a0a2c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 05 Oct 2022 05:11:09 GMT
Content-Length
8700
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 05 Oct 2022 05:11:09 GMT
Server
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate
Expires
Thu, 05 Oct 2023 05:11:09 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
3 KB
3 KB
Image
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/Instinct/png/partner-logo.png&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
b0c822b5e62fece989a701cfee0ac09de50a55e3932977f4e4e998f9a39b35d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
2668
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:10 GMT,-1
gtm.js
www.googletagmanager.com/
149 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJ7MNF
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e94b102bbe07f278e62d7df1903f64f5e9f81cefedf8d0960b1bbba8fb06737a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52618
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:11:22 GMT
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
5 KB
5 KB
Image
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/axa-ava-logo-desktop-white.png&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
de1ca0fa320d82268980e53ae20b03ea69731d3ec1933018953ce1879df41e71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalResponsiveCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=X_CTqq9kTpWza_cBg3jBcZ0Q0CQfhoC_SlxAXnJrQNY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
5000
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:10 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
76 KB
76 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaLight/AgendaLight.eot&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
c447748560afe0f87e312dfbc3a0db62a62fbd927002f88483eadd76b92d7479
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.ms-fontobject
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
77700
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:09 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
13 KB
14 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankIcons-Regular.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
c85babb60c03fcd787070989a7be4bb76c50452725cd63e572e276cf4f5f2feb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctIconographyCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=pTi_z9XkMaVkVpHWhn0YehvfzZjvITiHSSSA4jAMldY1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
13560
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:10 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
63 KB
64 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankJackRegular/lloyds_bank_jack-regularWEB.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
991a121de8faf40ccce7ee09da5d5058a6a9fc0f116da0ae6661937d564718fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
64612
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:10 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
50 KB
51 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaMedium/AgendaMedium.eot&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
3f5845b3b30729e98c75fd97ca59e35ccf1cccf8d6de5245aae9a94b5f03e44a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:08 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.ms-fontobject
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
51468
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:09 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
73 KB
74 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankJackBold/lloyds_bank_jack-boldWEB.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
4ffa5ba9aace2783e510502a97ff98512795eebd59b5262e65becc6d5d0caca6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
75224
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:09 GMT,-1
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
22 KB
23 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaMedium/Agenda-Medium.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
e0f07b2ed9ef32b625706dca44c68eeb0037bea3bf4dea5fed37de4f9ee7a269
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
22860
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:10 GMT,-1
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
71 KB
19 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae6efcd8bfb917e83cc1025084fc434eb2b3cc82ede1d5144c950d2d24b097ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:48 GMT
server
AkamaiNetStorage
etag
"372ea9f5b6a9bba9973d9fb327998263:1664910828.091502"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
18994
expires
Fri, 07 Oct 2022 05:11:23 GMT
country.js
c.evidon.com/geo/
253 B
464 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8937d691335c724e00112aa7715c3d801b29df4218e674aa9935fcd1183c7f4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Sat, 14 Mar 2020 22:45:10 GMT
server
AkamaiNetStorage
etag
"ad5a60b092c0a1e65fa2392194bf2b00:1584225910.664905"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
179
snthemes.js
c.evidon.com/sitenotice/6650/
216 KB
9 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6650/snthemes.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e2242006a34c01b39cc4906e8ca1f69140ee6d8ea21e1683b9c38ada18283f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 22:36:10 GMT
server
AkamaiNetStorage
etag
"9417bf7e31b7993228bb18b9ce935f64:1663108570.084532"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9298
expires
Fri, 07 Oct 2022 05:11:23 GMT
settingsV2.js
c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/
Redirect Chain
  • https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settings.js
  • https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settingsV2.js
8 KB
1 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settingsV2.js
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3bfe0583524d9fb08c1b61e1c822ee09e38b68f867181eeba6cd10cf4962f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 19:49:27 GMT
server
AkamaiNetStorage
etag
"0e1de0c180e3fc5bc8f2e25c27c9172b:1662493767.943822"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
892
expires
Fri, 07 Oct 2022 05:11:23 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:11:23 GMT
server
AkamaiGHost
vary
Origin
access-control-max-age
108000
access-control-allow-methods
GET,OPTIONS,POST
location
https://c.evidon.com/sitenotice/6650/halifaxurcatravelinsurance/settingsV2.js
access-control-allow-origin
cache-control
max-age=432000, private;max-age=86400
access-control-allow-headers
*
content-length
0
/
secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/
29 KB
30 KB
Font
General
Full URL
https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaLight/Agenda-Light.woff&tx=MTIwOjE6ODoxNzo5OjY=
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.159.154.31 Middlesbrough, United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software
/
Resource Hash
f928864d98010483c4b29e470ab13783056e7f9a49348a186e24ec7fe69e9183
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/InstinctGlobalCssBundle_Registration_PersonalLines_LloydsBankingGroup_Halifax_AvaTravel_Urca_Desktop_All?v=R8Lt7c8QlJcXcrYkcHXBMgSUMZZof8MTLiWxVgfOupE1
Origin
https://secure.halifaxurcatravelinsurance.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-AspNetMvc-Version
Server
Date
Wed, 05 Oct 2022 05:11:09 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-woff
Cache-Control
no-cache,no-store,must-revalidate
Content-Length
30136
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Nov 2022 06:11:09 GMT,-1
en.js
c.evidon.com/sitenotice/6650/translations/
157 KB
10 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6650/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ac6b014624595f38c823773d24a008e25f1120c5535010802d00492e53d9dac2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 22:36:07 GMT
server
AkamaiNetStorage
etag
"5d2e79f27f1e822b01967c298f9b5ab7:1663108567.29193"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9722
expires
Fri, 07 Oct 2022 05:11:23 GMT
evidon-barrier.js
c.evidon.com/sitenotice/
14 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68b08a7e42955e19b961db91ee77f52b379ff30253d27dbd573365359757ea4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:49 GMT
server
AkamaiNetStorage
etag
"ba40b7418481531fdf6163b7d67c407e:1664910829.023625"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3927
expires
Fri, 07 Oct 2022 05:11:23 GMT
icong1.png
c.evidon.com/pub/
600 B
921 B
Image
General
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1558455261"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
87827
l.evidon.com/site/v3/6650/56400/6/2/3/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/6650/56400/6/2/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
87827
l.evidon.com/site/v3/6650/56400/6/1/3/1/
0
121 B
Image
General
Full URL
https://l.evidon.com/site/v3/6650/56400/6/1/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
6650-20200324170107.png
c.evidon.com/logos/6650/
2 KB
2 KB
Image
General
Full URL
https://c.evidon.com/logos/6650/6650-20200324170107.png
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3162a2d804b09a1377447d738570eba6d593b5685e342c9a64846475edc08828

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 17:01:09 GMT
server
AkamaiNetStorage
etag
"4fa129b72e3140ccfcfa339e5df3af04:1585069269.657428"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1915
87827
l.evidon.com/site/v3/6650/56400/6/5/3/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/6650/56400/6/5/3/1/87827?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: secure.halifaxurcatravelinsurance.co.uk
URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:23 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lloyds (Banking)

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| dateGreaterThanOrEqualTo function| SetupDateThreeField function| toggleUsAndUkDateFormats function| SetupDateTwoField function| isValidDate function| SetupDatepicker function| sendGATag function| SendDeselectionBenefitsGATag function| sendIsResponsivePageGATag function| sendGALoginError undefined| addressLookupUrl undefined| addressConfirmUrl undefined| clearPolicyholderAddressUrl undefined| enterHouseNumberNameUrl undefined| addressNotFoundUrl undefined| addressBfpoUrl object| address object| uiAjax undefined| verifyInstantServiceUrl object| interactiveHelp object| currentDate number| currentYear number| currentMonth number| currentYearTwoDigits number| maxExpiryYearTwoDigits number| acceptableMaxYearForPolicyStart string| todayDate string| firstOfThisMonthDate object| dayValidationRule object| monthValidationRule object| optionalMonthValidationRule object| yearValidationRule object| yearCardStartValidationRule object| yearCardExpiryValidationRule object| yearValidationRuleForCoverStart object| securityCodeRule object| issueNumberRule object| accountHoldersNameRule object| sortCodeRule object| sortCodePartRule object| accountNumberRule object| requiredAddressLineRule object| addressLineRule object| postcodeValidationRule object| emailValidationRule object| genericTelephoneNumberRule boolean| timeoutLoggingEnabled boolean| timeoutMessageEnabled object| sessionTimeoutManager function| $ function| jQuery object| ko object| html5 object| Modernizr function| disablePrintLinkIfUnsupported function| registerGlobalEvents function| clientValidationShouldSkipFor function| validateTwoDateInput function| turnOffAutoComplete function| setupContactPreferences function| setupContextualHelp function| showContextualHelp function| 
hideContextualHelp function| setupErrorMessaging function| showErrorCountInValidationSummaryBar function| openSlider function| resizeSliderFrame function| hasAndroidViewportChanged function| setupHealixSlider function| setupNonHealixSlider function| openAlert function| blockElementUntilContentLoaded function| unblockElementAfterContentHasLoaded function| closeSlider function| reloadPage function| closeAlert function| setValidationSummaryBarVisibility function| showContent function| isOverlay function| isBackOffice function| isFrontOffice function| openThawte function| pageShouldFadeRightHandSideContent function| setupTooltips function| isTouch function| isTablet function| isDesktop function| isMobile function| suppressKeyInputOverMaxLength function| makeButtonsNotEditable function| initNumberInputMaxLengths number| currentWindowHeight function| getWindowHeight string| newwindow number| windowHeight function| isSpecialCharacter object| setupHtmlInputControls function| dialogCreate function| dialogOpen function| dialogBeforeClose boolean| isDialogOpen number| scrollPosition function| isPhone object| global object| dataLayer object| google_tag_manager object| evidon object| evidonBarrier

1 Cookies

Domain/Path Name / Value
secure.halifaxurcatravelinsurance.co.uk/ Name: ASP.NET_SessionId
Value: 0ogw3q5zhzfgnxg5oyy1t5wx

4 Console Messages

Source Level URL
Text
other warning URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Message:
Failed to decode downloaded font: https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaMedium/AgendaMedium.eot&tx=MTIwOjE6ODoxNzo5OjY=
other warning URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Message:
OTS parsing error: invalid sfntVersion: 214499328
other warning URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Message:
Failed to decode downloaded font: https://secure.halifaxurcatravelinsurance.co.uk/Sales/ContentStore/?filename=/LloydsBankAgendaLight/AgendaLight.eot&tx=MTIwOjE6ODoxNzo5OjY=
other warning URL: https://secure.halifaxurcatravelinsurance.co.uk/Sales/PersonalLines/AvaTravel/Registration/EmailConfirmationDeclined
Message:
OTS parsing error: invalid sfntVersion: -2077294336

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
