cardif.cz Review

 N/A

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://cardif.cz/
Date: Sat, 23 Aug 2025 22:41:10 GMT
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP 
Host-Header: a9130478a60e5f9135f765b23f26593b
Report-To: {"group":"csp-endpoint","max_age":10886400,"endpoints":{"url":"https:\/\/sentry.beapi.fr\/api\/102\/security\/?sentry_key=574bdc9373af881e84d3f312f1def4eb&sentry_environment=production","include_subdomains":true}}
Reporting-Endpoints: csp-endpoint="https://sentry.beapi.fr/api/102/security/?sentry_key=574bdc9373af881e84d3f312f1def4eb&sentry_environment=production"
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://assets.adobedtm.com https://cdn.cookielaw.org https://www.google-analytics.com https://stats.wp.com https://script.hotjar.com https://static.hotjar.com https://engagent.h-care.eu https://snap.licdn.com https://cdn.landbot.io https://calc-api.cardif.ysprod.cz https://static.elfsight.com https://connect.facebook.net https://s0.wp.com https://grwapi.net https://acsbapp.com https://s3.eu-central-1.amazonaws.com https://www.clarity.ms https://cdn.acsbapp.com; style-src 'self' 'unsafe-inline' https://engagent.h-care.eu https://cdn.landbot.io https://s0.wp.com https://cdn.acsbapp.com; img-src 'self' data: https://secure.gravatar.com https://cdn.cookielaw.org https://engagent.h-care.eu https://pixel.wp.com https://www.googletagmanager.com https://fonts.gstatic.com https://*.112.2o7.net https://api.holeest.com https://bo-corp.bnpparibascardif.com https://api.holeest.com https://pixel.wp.com https://www.google.com.pe https://www.google.ro https://px.ads.linkedin.com https://storage.googleapis.com/media.landbot.io/ https://i.ytimg.com https://www.google-analytics.com https://www.google.fr; font-src 'self' data: https://engagent.h-care.eu https://cdn.landbot.io https://s0.wp.com https://use.typekit.net; connect-src 'self' https://cdn.cookielaw.org https://www.google-analytics.com https://stats.g.doubleclick.net https://privacyportal-de.onetrust.com https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com https://engagent.h-care.eu wss://engagent.h-care.eu wss://ws.hotjar.com https://analytics.google.com https://content.hotjar.io https://*.ads.linkedin.com https://firestore.googleapis.com https://storage.googleapis.com https://privacyportal-fr.onetrust.com https://messages.landbot.io https://region1.analytics.google.com https://metrics.hotjar.io https://overbridgenet.com https://welcome.landbot.io https://identitytoolkit.googleapis.com https://vc.hotjar.io https://cdn.acsbapp.com sentry.beapi.fr; media-src 'self' https://broadcast.mediahub.bnpparibas https://asset.mediahub.bnpparibas https://dam.bnpparibas.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://engagent.h-care.eu https://www.googletagmanager.com https://forms.office.com https://widgets.wp.com https://wordpress.com; manifest-src 'self'; worker-src 'self'; object-src 'self' https://engagent.h-care.eu; base-uri 'self'; frame-ancestors 'self' 'https://frontend-dot-partner-cockpit.ew.r.appspot.com'; report-to csp-endpoint; report-uri https://sentry.beapi.fr/api/102/security/?sentry_key=574bdc9373af881e84d3f312f1def4eb&sentry_environment=production;
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM https://frontend-dot-partner-cockpit.ew.r.appspot.com
Link: ; rel=shortlink
Content-Encoding: gzip
x-rq: hkg2 0 10 9980
Accept-Ranges: bytes
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Strict-Transport-Security: max-age=31536000
Content-Length: 15830
Date: Sat, 23 Aug 2025 22:41:12 GMT
Connection: keep-alive
Set-Cookie: pll_language=cz; expires=Sun, 23 Aug 2026 22:41:12 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax