edc-wavetest.cardif.de.redirect.bnpparibas Open in urlscan Pro
159.50.205.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edc-wavetest.cardif.de.redirect.bnpparibas/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php
Effective URL:
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
Submission: On January 03 via manual (January 3rd 2024, 1:55:37 pm UTC) from FR — Scanned from DE

Summary HTTP 39 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 39 HTTP transactions. The main IP is 159.50.205.93, located in France and belongs to BNP-PARIBAS France, FR. The main domain is edc-wavetest.cardif.de.redirect.bnpparibas.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 30th 2023. Valid for: a year.

This is the only time edc-wavetest.cardif.de.redirect.bnpparibas was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 36	159.50.205.93 159.50.205.93	25215 (BNP-PARIB...) (BNP-PARIBAS France)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.140.62.214 63.140.62.214	16509 (AMAZON-02) (AMAZON-02)
39	6

36 159.50.205.93 (France) 3 redirects

ASN25215 (BNP-PARIBAS France, FR)
PTR: edc-wavedemo.cardif.de

edc-wavetest.cardif.de.redirect.bnpparibas	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-214.data.adobedc.net

bnppcardifgermany.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	redirect.bnpparibas 3 redirects edc-wavetest.cardif.de.redirect.bnpparibas	493 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 572	48 KB
1	2o7.net bnppcardifgermany.112.2o7.net	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	63 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 950	258 B
39	5

	Domain	Requested by
36	edc-wavetest.cardif.de.redirect.bnpparibas	3 redirects edc-wavetest.cardif.de.redirect.bnpparibas
3	assets.adobedtm.com	www.googletagmanager.com assets.adobedtm.com
1	bnppcardifgermany.112.2o7.net
1	www.googletagmanager.com	edc-wavetest.cardif.de.redirect.bnpparibas
1	geolocation.onetrust.com	edc-wavetest.cardif.de.redirect.bnpparibas
39	5

This site contains links to these domains. Also see Links.

Domain
www.cardif.de
www.bnpparibascardif.de
www.onetrust.com

Subject Issuer	Validity	Valid
testcapri.cardif.de Entrust Certification Authority - L1K	`2023-01-30` - `2024-01-30`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
Frame ID: BF9D6E2F4744370E3F7325E6F3FFDF03
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cardif | Willkommen bei Cardif Back ButtonFilter Button

Page URL History Show full URLs

http://edc-wavetest.cardif.de.redirect.bnpparibas/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/ HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/ Page URL
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/rsvlogin.action HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

39
Requests

15 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

602 kB
Transfer

1612 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cardif.de/

Search URL Search Domain Scan URL

URL: https://www.bnpparibascardif.de/pflichtangaben+impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.bnpparibascardif.de/datenschutz/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.bnpparibascardif.de/datenschutz
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edc-wavetest.cardif.de.redirect.bnpparibas/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/ HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/ Page URL
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/rsvlogin.action HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://edc-wavetest.cardif.de.redirect.bnpparibas/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/ HTTP 302
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

/ Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/
Redirect Chain

http://edc-wavetest.cardif.de.redirect.bnpparibas/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php
https://edc-wavetest.cardif.de.redirect.bnpparibas/
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/

250 B
3 KB

38ms
38ms

Document
text/html

159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

a259c7e9bfca665c6e7985a1e53928d4e0511fd7bf22b3263341c08bef9431a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Language: de-DE
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Content-Type: text/html;charset=UTF-8
Date: Wed, 03 Jan 2024 13:55:31 GMT
Keep-Alive: timeout=5, max=99
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 03 Jan 2024 13:55:31 GMT
Keep-Alive: timeout=5, max=100
Location: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H/1.1

200

Primary Request login.action Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/
Redirect Chain

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/rsvlogin.action
https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

10 KB
12 KB

52ms
52ms

Document
text/html

159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

816a56800a396827bac79f288bf6f23eb981e4be43d568579a1fbcc56d4436e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Language: de-DE
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Content-Type: text/html;charset=UTF-8
Date: Wed, 03 Jan 2024 13:55:31 GMT
Keep-Alive: timeout=5, max=97
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Language: de-DE
Content-Length: 0
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Date: Wed, 03 Jan 2024 13:55:31 GMT
Keep-Alive: timeout=5, max=98
Location: /rsv/public/login.action
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK OtAutoBlock.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691/ 4 KB
4 KB 40ms
36ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691/OtAutoBlock.js

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

579819ec77eaba379b61617a4dde6f4d83263d972ecf9904f2611891d42baaf0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720850
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1568
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"4534-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 13 Mar 2024 15:54:41 GMT

GET
H/1.1 200
OK otSDKStub.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/ 17 KB
8 KB 583ms
527ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/otSDKStub.js

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720850
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5753
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"17376-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK cardif_layout.css
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/ 70 KB
17 KB 74ms
33ms Stylesheet
text/css 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

2b06eb618f81c6c56ef1107027357d9528ebd7421ce499f6f196e11250f561b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720850
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 14834
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"71420-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: text/css
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 13 Mar 2024 15:54:41 GMT

GET
H/1.1 200
OK tiptip.css
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/ 3 KB
3 KB 87ms
32ms Stylesheet
text/css 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/tiptip.css?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

a48a4397ada5d1180d66a9ea3d525927861c760633da1a1b99aa6a13f708dec3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720850
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 897
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"3009-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: text/css
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Wed, 13 Mar 2024 15:54:41 GMT

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/base/ 134 KB
39 KB 161ms
104ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/base/jquery-1.11.0.min.js

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

55f668eff9a5c59dbf86febdd3beda561ab9c92b82bdacfa96eeb2d2d89b60ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 37239
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=100
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/base/ 282 KB
67 KB 133ms
75ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/base/jquery-ui.min.js?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

b37291c4d545c5584499b156a5234e418f85aedb4c166131609b399c541ea388

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 66533
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=100
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery.ui.datepicker-de.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/i18n/ 896 B
3 KB 109ms
35ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/i18n/jquery.ui.datepicker-de.min.js?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

73c4e5c847529e978d26e087ed3ea4d8054f57a479340bdf4c5ded5ea909203b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 505
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=93
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery.form.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/plugins/ 16 KB
8 KB 124ms
37ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/plugins/jquery.form.min.js?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

ceeee7140783ce2bdec9d22df95804c74a12979be3f13378d0ffd9e40e784a9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 6180
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=99
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery.subscribe.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/plugins/ 3 KB
4 KB 134ms
36ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/plugins/jquery.subscribe.min.js?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

25dccd434014a8e62d187180223a30db956af6a4f3721355dfae40c510e84918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1164
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=99
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery.struts2.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/struts2/ 18 KB
8 KB 146ms
36ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/struts2/jquery.struts2.min.js?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

babc8810749038bf031720f7c4622d7675398640f6fa1fbc248946db0c89972e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5674
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=99
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery-ui.css
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/themes/smoothness/ 34 KB
8 KB 96ms
42ms Stylesheet
text/css 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/themes/smoothness/jquery-ui.css?s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

90b76dc75f2413eb43d5b866ffb3827a86907d26c1be33121306129af1237334

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 205
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 6049
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: text/css
Cache-Control: public
Keep-Alive: timeout=5, max=100
Retry-After: Fri, 15 Dec 2023 15:54:41 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK utils.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/ 5 KB
4 KB 158ms
33ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/utils.js

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

4532296d864bd36a9170ec9d33ba8f841024434770d59184ac37e902687b51c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 206
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1585
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=99
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK jquery-migrate-1.2.1.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/ 17 KB
8 KB 167ms
33ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/jquery-migrate-1.2.1.js?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

07f70099a7d8f604ee2e3b4dabe391dc410b823ff0f23c744df84eb0b9da3327

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5834
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"17148-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK functions.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/ 62 KB
18 KB 179ms
33ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/functions.js?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

6f6c803dd33135338b3c6f0524a9b1ed1aa05e387d17b84c9dba309bebdc8cb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 16350
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"63117-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK backdetector.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/ 2 KB
3 KB 192ms
31ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/backdetector.js?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

a81ff0e21b1663667437e25e2053e9b05bee73ab3f99cab358b2609c0b2e152c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 547
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"1566-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK jquery-antrag-tooltips.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/ 2 KB
3 KB 198ms
31ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/jquery-antrag-tooltips.js?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

d2f339b46e7b6eb33d24535d03dcfda35a20ed8b33246d2710d781620e065023

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 447
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"1604-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK tiptip_sa.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/ 5 KB
4 KB 212ms
31ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/20160118/tiptip_sa.js?v=4.4.17

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

7568fa5f8e63f1accc0642f3a74ea454fce9d2d02c9d76b51792cd62d8c6eac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1523
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"4876-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK logo.png
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/ 21 KB
24 KB 58ms
58ms Image
image/png 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/logo.png

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

631f7ccdc32beb4f52150ff8c00d610dcfa42426ecc212aa84f1314205802cda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 22010
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"22010-1701969080000"
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: image/png
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK 8c686c98-0f73-4460-aa77-a6226baaa691-test.json Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691-test/ 3 KB
4 KB 34ms
34ms XHR
application/json 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691-test/8c686c98-0f73-4460-aa77-a6226baaa691-test.json

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/otSDKStub.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

4e28fc3c8c105f8ef957bccf175a2d2ef33a1311067a10b57128ac9ca495ba44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 1352
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"3242-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/json
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK session_timeout.css
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/ 837 B
3 KB 35ms
34ms Stylesheet
text/css 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/session_timeout.css

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

9db6a0ede314d4abe7512736bb26e820d410b4d561363a79677c2b5a74c740d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 337
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"837-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: text/css
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK fortschrittbalken.css
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/ 1 KB
3 KB 36ms
35ms Stylesheet
text/css 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/fortschrittbalken.css

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

ca38821dca0ce4de5b1ef26be4194a973b684f21889e12600a9b2156f961b374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 459
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"1308-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: text/css
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 89 B
258 B 43ms
24ms Script
text/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc9d82a7192ad7c18d48a907604550a701d84ec9a14495287f19933898cbcfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:55:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 83fbbd701c73bb7d-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H/1.1 200
OK mainbg.gif
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/ 255 B
3 KB 36ms
35ms Image
image/gif 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/mainbg.gif

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

82bed70b09300b227fea08df1247a7eb78e9dd178513561e6d72a0ed55e51215

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 255
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"255-1701969080000"
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: image/gif
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK background_images_sprite.png
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/ 86 KB
89 KB 38ms
37ms Image
image/png 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/background_images_sprite.png

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

116afc02072124b3adac0aa071a77d08c660a811e2461265c1a7444ca0a4b8ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 88348
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"88348-1701969080000"
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: image/png
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK stars.gif
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/ 3 KB
5 KB 34ms
34ms Image
image/gif 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/stars.gif

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

8e71b5b15392e730dcdbb73d584cdea01d03de4a2ff5864d5f0890f7b6056ba2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 3168
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"3168-1701969080000"
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: image/gif
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK leftCol.gif
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/ 6 KB
8 KB 33ms
33ms Image
image/gif 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/img/leftCol.gif

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

81b8dbc2d089878ff432775312cf694c0fb90d9a7e9829cc2f59b861c29969ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/css/20160118/cardif_layout.css?v=4.4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5752
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"5752-1701969080000"
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: image/gif
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK jquery.ui.struts2.min.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/struts2/ 22 KB
7 KB 32ms
32ms XHR
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/struts2/jquery.ui.struts2.min.js?s2j=3.7.1&s2j=3.7.1

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/struts/js/base/jquery-1.11.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

894bc0127ce1333b335ac42d147acefecc1e6b6b45c079f12c9899caf4049e14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 206
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 5154
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 19:32:56 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public
Keep-Alive: timeout=5, max=96
Retry-After: Fri, 15 Dec 2023 15:54:42 GMT
Expires: Thu, 04 Jan 2024 13:52:06 GMT

GET
H/1.1 200
OK otBannerSdk.js Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/ 377 KB
86 KB 34ms
33ms Script
application/javascript 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/otBannerSdk.js

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/otSDKStub.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 85357
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"385608-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/javascript
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK de.json Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691-test/747efc1e-0c12-415b-adf8-c7cdad6aa7ea/ 33 KB
13 KB 36ms
35ms Fetch
application/json 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/consent/8c686c98-0f73-4460-aa77-a6226baaa691-test/747efc1e-0c12-415b-adf8-c7cdad6aa7ea/de.json

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/otBannerSdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

63ec1f6f40cac71476e9d99787001d24bd4145d41f66d7cac588fa1ffbd65c73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 10586
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"34073-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/json
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK otCenterRounded.json Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/ 9 KB
5 KB 36ms
36ms Fetch
application/json 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/otCenterRounded.json

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/otBannerSdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 2539
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"9499-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/json
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK otPcTab.json Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/v2/ 46 KB
14 KB 63ms
63ms Fetch
application/json 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/v2/otPcTab.json

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/otBannerSdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

85189c3a0ebc37dda89a5ef811071b5d4aeb7df093afbbe9ae58e81d96e22398

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 11905
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"46989-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/json
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H/1.1 200
OK otCookieSettingsButton.json Show response
edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/ 5 KB
4 KB 37ms
37ms Fetch
application/json 159.50.205.93
BNP-PARIBAS France

General

Check archive.org

Show headers Download Go to

Full URL

https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/assets/otCookieSettingsButton.json

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/resources/js/banner/scripttemplates/6.18.0/otBannerSdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.50.205.93 , France, ASN25215 (BNP-PARIBAS France, FR),

Reverse DNS

edc-wavedemo.cardif.de

Software

Resource Hash

4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/public/login.action
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 13:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://*.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://*.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://*.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://*.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://*.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://*.cardif.de
Strict-Transport-Security: max-age=15552000; includeSubDomains
Age: 1720851
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: Keep-Alive
Content-Length: 2146
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 07 Dec 2023 17:11:20 GMT
ETag: W/"5090-1701969080000-gzip"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Language: de-DE
Content-Type: application/json
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 13 Mar 2024 15:54:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
63 KB 84ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ83KC

Requested by

Host: edc-wavetest.cardif.de.redirect.bnpparibas
URL: https://edc-wavetest.cardif.de.redirect.bnpparibas/rsv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fc4356e19d80757ebd57758216a42ff9700c32ea34e0f7aa934f2eebee11a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:55:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64167
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 13:55:32 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 launch-e46e21b8c4a3.min.js Show response
assets.adobedtm.com/9c7553d070d7/58ef215e07da/ 104 KB
34 KB 70ms
18ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9c7553d070d7/58ef215e07da/launch-e46e21b8c4a3.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ83KC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0049cb24f0b0dc2b36c7d82194b27f1060c2a9b69c9235530b62f2362548b32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:55:32 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 12:34:35 GMT
server: AkamaiNetStorage
etag: "afde5c28abe31bdb774c1d40c86cb80d:1690547675.022052"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://edc-wavetest.cardif.de.redirect.bnpparibas
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 34486
expires: Wed, 03 Jan 2024 14:55:32 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 25ms
25ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9c7553d070d7/58ef215e07da/launch-e46e21b8c4a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:55:32 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://edc-wavetest.cardif.de.redirect.bnpparibas
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Wed, 03 Jan 2024 14:55:32 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9c7553d070d7/58ef215e07da/launch-e46e21b8c4a3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:55:32 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://edc-wavetest.cardif.de.redirect.bnpparibas
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Wed, 03 Jan 2024 14:55:32 GMT

GET
H2 200 s48911885253728
bnppcardifgermany.112.2o7.net/b/ss/bnppcardifgermany/1/JS-2.23.0-LDQM/ 43 B
346 B 80ms
24ms Image
image/gif 63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnppcardifgermany.112.2o7.net/b/ss/bnppcardifgermany/1/JS-2.23.0-LDQM/s48911885253728?AQB=1&ndh=1&pf=1&t=3%2F0%2F2024%2014%3A55%3A33%203%20-60&mid=65923190781927967627673933281775682316&ce=UTF-8&pageName=Cardif%20%7C%20Willkommen%20bei%20Cardif&g=https%3A%2F%2Fedc-wavetest.cardif.de.redirect.bnpparibas%2Frsv%2Fpublic%2Flogin.action&r=https%3A%2F%2Fedc-wavetest.cardif.de.redirect.bnpparibas%2Frsv%2F&cc=EUR&c1=Cardif%20%7C%20Willkommen%20bei%20Cardif&c2=https%3A%2F%2Fedc-wavetest.cardif.de.redirect.bnpparibas%2Frsv%2Fpublic%2Flogin.action&c3=%2Frsv%2Fpublic%2Flogin.action&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=250C3594626ADADD0A495EBD%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edc-wavetest.cardif.de.redirect.bnpparibas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 13:55:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 13:55:33 GMT
server: jag
etag: 3659935193574834176-4617778394140251916
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 02 Jan 2024 13:55:33 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
edc-wavetest.cardif.de.redirect.bnpparibas/rsv	1969-12-31 23:59:59	Name: JSESSIONID Value: C916C328D1031316BD047FE014108296
edc-wavetest.cardif.de.redirect.bnpparibas/rsv	1969-12-31 23:59:59	Name: TS01fcbeaa Value: 019e08a0408938838ceb7c350e4521d91e860b86cb6dab4b7cc5d4c6fdb3257e589d2ed1790824045c0012f340d5b71e084fe28993
edc-wavetest.cardif.de.redirect.bnpparibas/	1969-12-31 23:59:59	Name: TS016e2d9c Value: 019e08a0408938838ceb7c350e4521d91e860b86cb6dab4b7cc5d4c6fdb3257e589d2ed1790824045c0012f340d5b71e084fe28993
edc-wavetest.cardif.de.redirect.bnpparibas/	1969-12-31 23:59:59	Name: BIGipServerPOOL_WAVE_PREPROD_COP_HTTP Value: !w49NubPaytLOAFcnYpFrAwrA9BZFVawhclz4YJKksAysz71LYRSOk0qL+k2KBi/NNdLHoqtWAc9NtAMF2u+vsXBM11rqHvXmWx9IZSvL3A==
edc-wavetest.cardif.de.redirect.bnpparibas/	1970-01-21 02:10:26	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Jan+03+2024+14%3A55%3A32+GMT%2B0100+(Central+European+Standard+Time)&version=6.18.0&hosts=&consentId=77797ecd-b8f9-4365-83f6-354f46ab29e7&interactionCount=0&landingPath=https%3A%2F%2Fedc-wavetest.cardif.de.redirect.bnpparibas%2Frsv%2Fpublic%2Flogin.action&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0016%3A0
edc-wavetest.cardif.de.redirect.bnpparibas/	1970-01-21 02:46:26	Name: cookieLifeTime Value: 33696000
.redirect.bnpparibas/	1970-01-21 03:00:50	Name: AMCV_250C3594626ADADD0A495EBD%40AdobeOrg Value: 179643557%7CMCMID%7C65923190781927967627673933281775682316%7CvVersion%7C5.5.0
.redirect.bnpparibas/	1969-12-31 23:59:59	Name: s_cc Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.cardif.de 'unsafe-inline' blob:; script-src 'self' https://com-vonq-main.collector.snplow.net https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdnjs.cloudflare.com https://code.jquery.com https://.cardif.de 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' https://com-vonq-main.collector.snplow.net https://.cardif.de https://d6unz3nsyh8vw.cloudfront.net https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cdnjs.cloudflare.com; img-src 'self' https://assets.adobedtm.com https://bnppcardifgermany.112.2o7.net https://www.googletagmanager.com/ https://d6unz3nsyh8vw.cloudfront.net https://web.liferay.com https://code.jquery.com https://.cardif.de data: https://www.google-analytics.com https://cdnjs.cloudflare.com https://com-vonq-main.collector.snplow.net; style-src 'self' https://.cardif.de https://com-vonq-main.collector.snplow.net https://code.jquery.com 'unsafe-inline'; base-uri 'self'; form-action 'self' https://.cardif.de
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bnppcardifgermany.112.2o7.net
edc-wavetest.cardif.de.redirect.bnpparibas
geolocation.onetrust.com
www.googletagmanager.com
159.50.205.93
2606:4700:4400::ac40:9b77
2a00:1450:4001:80f::2008
2a02:26f0:3500:587::1e80
63.140.62.214
0049cb24f0b0dc2b36c7d82194b27f1060c2a9b69c9235530b62f2362548b32e
07f70099a7d8f604ee2e3b4dabe391dc410b823ff0f23c744df84eb0b9da3327
116afc02072124b3adac0aa071a77d08c660a811e2461265c1a7444ca0a4b8ff
25dccd434014a8e62d187180223a30db956af6a4f3721355dfae40c510e84918
2b06eb618f81c6c56ef1107027357d9528ebd7421ce499f6f196e11250f561b8
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
4532296d864bd36a9170ec9d33ba8f841024434770d59184ac37e902687b51c4
4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00
4e28fc3c8c105f8ef957bccf175a2d2ef33a1311067a10b57128ac9ca495ba44
55f668eff9a5c59dbf86febdd3beda561ab9c92b82bdacfa96eeb2d2d89b60ff
579819ec77eaba379b61617a4dde6f4d83263d972ecf9904f2611891d42baaf0
631f7ccdc32beb4f52150ff8c00d610dcfa42426ecc212aa84f1314205802cda
63ec1f6f40cac71476e9d99787001d24bd4145d41f66d7cac588fa1ffbd65c73
6f6c803dd33135338b3c6f0524a9b1ed1aa05e387d17b84c9dba309bebdc8cb6
73c4e5c847529e978d26e087ed3ea4d8054f57a479340bdf4c5ded5ea909203b
7568fa5f8e63f1accc0642f3a74ea454fce9d2d02c9d76b51792cd62d8c6eac5
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
816a56800a396827bac79f288bf6f23eb981e4be43d568579a1fbcc56d4436e4
81b8dbc2d089878ff432775312cf694c0fb90d9a7e9829cc2f59b861c29969ae
82bed70b09300b227fea08df1247a7eb78e9dd178513561e6d72a0ed55e51215
85189c3a0ebc37dda89a5ef811071b5d4aeb7df093afbbe9ae58e81d96e22398
894bc0127ce1333b335ac42d147acefecc1e6b6b45c079f12c9899caf4049e14
8e71b5b15392e730dcdbb73d584cdea01d03de4a2ff5864d5f0890f7b6056ba2
8fc4356e19d80757ebd57758216a42ff9700c32ea34e0f7aa934f2eebee11a46
90b76dc75f2413eb43d5b866ffb3827a86907d26c1be33121306129af1237334
9db6a0ede314d4abe7512736bb26e820d410b4d561363a79677c2b5a74c740d4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a259c7e9bfca665c6e7985a1e53928d4e0511fd7bf22b3263341c08bef9431a5
a48a4397ada5d1180d66a9ea3d525927861c760633da1a1b99aa6a13f708dec3
a81ff0e21b1663667437e25e2053e9b05bee73ab3f99cab358b2609c0b2e152c
b37291c4d545c5584499b156a5234e418f85aedb4c166131609b399c541ea388
babc8810749038bf031720f7c4622d7675398640f6fa1fbc248946db0c89972e
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
ca38821dca0ce4de5b1ef26be4194a973b684f21889e12600a9b2156f961b374
cc9d82a7192ad7c18d48a907604550a701d84ec9a14495287f19933898cbcfb3
ceeee7140783ce2bdec9d22df95804c74a12979be3f13378d0ffd9e40e784a9d
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d2f339b46e7b6eb33d24535d03dcfda35a20ed8b33246d2710d781620e065023
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

edc-wavetest.cardif.de.redirect.bnpparibas Open in urlscan Pro 159.50.205.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

15 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

602 kBTransfer

1612 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

edc-wavetest.cardif.de.redirect.bnpparibas Open in urlscan Pro
159.50.205.93 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

15 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

602 kB
Transfer

1612 kB
Size

8
Cookies

39 HTTP transactions
1 data transactions