www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsletter5.payback.de/go/l8lr48i0zmgo4c6lbtsoa0ofsdmt95e2h6ygwc8cc14c/152653
Effective URL:
https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Submission Tags: falconsandbox
Submission: On June 01 via api (June 1st 2021, 5:15:41 pm UTC) from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 37 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is www.payback.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 25th 2019. Valid for: 2 years.

This is the only time www.payback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	78.35.37.225 78.35.37.225	8422 (NETCOLOGNE) (NETCOLOGNE)
23	45.60.14.82 45.60.14.82	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.40 151.101.13.40	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	7

1 78.35.37.225 (Haan, Germany) 1 redirects

ASN8422 (NETCOLOGNE, DE)

newsletter5.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.60.14.82 (United States)

ASN19551 (INCAPSULA, US)

www.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.40 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

client.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxfxx25tyn.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	payback.de 1 redirects newsletter5.payback.de www.payback.de	966 KB
6	cookielaw.org cdn.cookielaw.org	116 KB
3	gstatic.com fonts.gstatic.com	44 KB
2	px-cloud.net collector-pxfxx25tyn.px-cloud.net	1 KB
1	onetrust.com geolocation.onetrust.com	408 B
1	perimeterx.net client.perimeterx.net	42 KB
1	googleapis.com fonts.googleapis.com	775 B
37	7

	Domain	Requested by
23	www.payback.de	www.payback.de
6	cdn.cookielaw.org	www.payback.de cdn.cookielaw.org
3	fonts.gstatic.com	fonts.googleapis.com
2	collector-pxfxx25tyn.px-cloud.net	client.perimeterx.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	client.perimeterx.net	www.payback.de
1	fonts.googleapis.com	www.payback.de
1	newsletter5.payback.de	1 redirects
37	8

This site contains no links.

Subject Issuer	Validity	Valid
www.payback.de DigiCert SHA2 Extended Validation Server CA	`2019-06-25` - `2021-06-29`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.perimeterx.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-16` - `2022-06-17`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-24` - `2021-09-21`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Frame ID: CA2AFED952E34CD03F14AB94E74D067E
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://newsletter5.payback.de/go/l8lr48i0zmgo4c6lbtsoa0ofsdmt95e2h6ygwc8cc14c/152653 HTTP 302
https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

1169 kB
Transfer

6059 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsletter5.payback.de/go/l8lr48i0zmgo4c6lbtsoa0ofsdmt95e2h6ygwc8cc14c/152653 HTTP 302
https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request

Cookie set appagb Show response
www.payback.de/app/
Redirect Chain

http://newsletter5.payback.de/go/l8lr48i0zmgo4c6lbtsoa0ofsdmt95e2h6ygwc8cc14c/152653
https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

87 KB
19 KB

159ms
128ms

Document
text/html

45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

f46063e3a055bd5925559c69d710c9f25250c82dbcaeb6ae4cb8ae390ed74a77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.payback.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; Path=/; Secure; HttpOnly cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; path=/; Httponly BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; path=/; Httponly; Secure visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvmtyuFFYt=ufHAWEIOEBT; path=/; Max-Age=900 ___utmvatyuFFYt=PbVSyUf; path=/; Max-Age=900 ___utmvbtyuFFYt=lZc XaiOfald: rtE; path=/; Max-Age=900
Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors *.payback.de
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Strict-Transport-Security: max-age=2592000
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=0
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Language: de
X-Request-ID: 8588cb55-2aee-426a-a8c5-ac28bab28732
X-CDN: Imperva
X-Iinfo: 8-1458969-1458580 PNNy RT(1622567725132 18) q(0 0 0 1) r(1 1) U5

Redirect headers

Server: nginx
Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
strict-transport-security: max-age=432000
Location: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Access-Control-Allow-Origin: *

GET
H/1.1 200 Cookie set pb-uicore.css
www.payback.de/blueberry/static/ui-core/1.310.0/one/ 1 MB
97 KB 20ms
17ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6ea661b40efcbdec1e5a84a97ec5aca5eef7254b4adb3a494c7ff548504e14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 8-1458969-1458580 SNNy RT(1622567725132 153) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: fd4bc4ad-b206-4837-a6b4-cac7ca28141f
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1405202-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 15 Jun 2021 17:15:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
775 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 15:30:00 GMT
server: ESF
date: Tue, 01 Jun 2021 17:15:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Jun 2021 17:15:25 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 32ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H8Znzy3Akix+HhQXpXQuNw==
age: 895
vary: Accept-Encoding
content-length: 5809
cf-request-id: 0a6a2bc28b0000d6b9128f9000000001
x-ms-lease-status: unlocked
last-modified: Mon, 31 May 2021 01:45:10 GMT
server: cloudflare
etag: 0x8D923D5BA342B8A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d5459c4-601e-0081-5d92-567ab1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a157dabf9d6b9-FRA

GET
H/1.1 200 Cookie set pb-runtime-loader.js Show response
www.payback.de/blueberry/static/ui-core/1.310.0/one/ 74 KB
17 KB 30ms
17ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-runtime-loader.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

de7b706b259c983ee202a6cd8998153ef00650fa774d4b8a8e64eca8fce1e634

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-2654222-2651135 PNNy RT(1622567725289 7) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 8df782ec-b103-475c-a15d-e47933a67779
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"75584-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 15 Jun 2021 17:15:25 GMT

GET
H/1.1 200 Cookie set custom-elements-es5-adapter.js Show response
www.payback.de/blueberry/static/ui-core/1.310.0/one/webcomponentsjs/ 954 B
2 KB 33ms
19ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a938b29d41b6db51ad77e0ca4b71689cae58417b993749c4129dc678047ce993

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-2654223-2650212 PNNy RT(1622567725291 7) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 9f231160-e15f-40a5-aa50-a055387e96c2
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"954-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Expires: Tue, 15 Jun 2021 17:15:25 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set webcomponents-bundle.js Show response
www.payback.de/blueberry/static/ui-core/1.310.0/one/webcomponentsjs/ 125 KB
38 KB 36ms
21ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/webcomponentsjs/webcomponents-bundle.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ee3c0504fb82fd1d7787aa24bccd037ea208558600e715e2803cf1064a85a35d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 7-2940382-2936529 PNNy RT(1622567725291 10) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 6bd6a9b4-8214-4aba-9cb5-c22434c3be96
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"127894-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 15 Jun 2021 17:15:25 GMT

GET
H/1.1 200 pb-uicore.js Show response
www.payback.de/blueberry/static/ui-core/1.310.0/one/ 3 MB
643 KB 20ms
18ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1adc564d6fa9e43dd86d9e244ddb655a1b4059965c884fb50fb9d709434f1693

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-2654223-2650212 SNNy RT(1622567725291 93) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 71164cd7-153e-4d1e-9a2a-bfcc2f45e3c5
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"3544416-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 15 Jun 2021 17:15:25 GMT

GET
H/1.1 200 Cookie set ab-test-is-anonymous.js Show response
www.payback.de/resources/js/ 26 B
2 KB 35ms
20ms Script
text/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resources/js/ab-test-is-anonymous.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 5-4199014-4192394 PNYy RT(1622567725291 8) q(0 1 1 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 2239a86c-0b75-4600-8fda-96f3f091742e
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Type: text/javascript;charset=ISO-8859-1
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set perimeter-x Show response
www.payback.de/resources/js/ 226 B
2 KB 34ms
19ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resources/js/perimeter-x

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

890dd6cd51f98c1647dbc6fb80ed9a53fda8954cc1ec81030a0051cc43b29220

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 2-1344667-1340654 PNYy RT(1622567725291 8) q(0 1 1 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: b18a3fe5-1330-4118-ad7b-47d00ad70827
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set RingDingDong%2520Blueberry%2520JS-70298-49.js Show response
www.payback.de/resource/sites/payback/germany/german/navigation/payback/online%2520punkten/test/paul/ringdingdong/ 5 B
2 KB 50ms
20ms Script
text/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resource/sites/payback/germany/german/navigation/payback/online%2520punkten/test/paul/ringdingdong/RingDingDong%2520Blueberry%2520JS-70298-49.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

6a1513d00a8655faeceef04b2759a2a6cd664634b40dbbe775ab2d05cd87f216

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 8-1458969-1458580 SNYy RT(1622567725132 183) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: d4dd5a4a-6e5b-40c9-bcbd-8bd0318b3049
Last-Modified: Wed, 14 Nov 2018 16:42:18 GMT
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Cache-Control: max-age=31536000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
Content-Type: text/javascript;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set OverallAbTest-93938-56.js Show response
www.payback.de/resource/sites/payback/germany/german/navigation/payback/berrymore/meta_navi_test/ 3 B
2 KB 51ms
19ms Script
text/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resource/sites/payback/germany/german/navigation/payback/berrymore/meta_navi_test/OverallAbTest-93938-56.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvmtyuFFYt=ufHAWEIOEBT; ___utmvbtyuFFYt=lZc XaiOfald: rtE
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-2654223-2650212 SNYy RT(1622567725291 26) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: d93bee27-f9f7-4af2-b259-c9f4ddc1e2fc
Last-Modified: Thu, 16 May 2019 17:01:53 GMT
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Cache-Control: max-age=31536000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; expires=Wed, 01 Jun 2022 08:06:09 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; path=/; Domain=.payback.de ___utmvbtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT ___utmvmtyuFFYt=a; Max-Age=0; path=/; expires=Mon, 31 May 2021 08:00:54 GMT
Content-Type: text/javascript;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb_logo--mobile-blue.svg
www.payback.de/blueberry/static/ui-core/1.310.0/assets/logos/ 5 KB
3 KB 18ms
17ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/assets/logos/pb_logo--mobile-blue.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 8-1458969-1458580 SNNy RT(1622567725132 252) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 6fbb00ad-f992-464e-9444-85412f7ffbd1
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"4648-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Tue, 15 Jun 2021 17:15:25 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb_logo--desktop.svg
www.payback.de/blueberry/static/ui-core/1.310.0/assets/logos/ 9 KB
4 KB 19ms
18ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/assets/logos/pb_logo--desktop.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 7-2940382-2936529 PNNy RT(1622567725291 93) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 7f78dcf6-9d6c-40b8-9aa1-4843a890b2e6
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"9142-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Tue, 15 Jun 2021 17:15:25 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 facebook-bild-data.jpg
www.payback.de/resource/blob/3364/f3027b613663d914967be8c31210a848/ 3 KB
4 KB 29ms
28ms Image
image/jpeg 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3364/f3027b613663d914967be8c31210a848/facebook-bild-data.jpg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

29823b0d418f705fa2d98365cafbcb850af6c9afd2e593d0dc3ac9990f3497a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 5-4199014-4192394 PNNy RT(1622567725291 95) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 852a00ab-454f-4e64-9f08-dec704e15a44
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"f3027b613663d914967be8c31210a848"
Vary: Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: de
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Content-Type: image/jpeg;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 praemien-bild-data.jpg
www.payback.de/resource/blob/3378/211d0bb719bb0485bae52121a9fe84d8/ 5 KB
6 KB 24ms
23ms Image
image/jpeg 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3378/211d0bb719bb0485bae52121a9fe84d8/praemien-bild-data.jpg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

56ce899ef810c6652923230bbf8d13e7ac766c0f5a2c74a8fa19d0fc46d70e70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-2654222-2651135 SNNy RT(1622567725289 97) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: bde6aa20-17e1-4706-ab66-cc136d5ae113
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"211d0bb719bb0485bae52121a9fe84d8"
Vary: Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: de
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Content-Type: image/jpeg;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 tuev-bild-data.png
www.payback.de/resource/blob/3384/4706d0ac3e37e47728b7a381813e819d/ 15 KB
16 KB 18ms
17ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3384/4706d0ac3e37e47728b7a381813e819d/tuev-bild-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

733a2518392f870ef93bd540993cbbc273aa176655e5c0dc84c78ba1e7e96a21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "4706d0ac3e37e47728b7a381813e819d"
X-CDN: Imperva
X-Iinfo: 2-1344667-1340654 SNNy RT(1622567725291 94) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 15830
X-XSS-Protection: 1; mode=block
X-Request-ID: bad5e666-2102-46df-adf9-4e5c120e9062
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 01 Jun 2021 17:15:25 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.payback.de/ 151 KB
22 KB 15ms
14ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=197597217
Requested by: Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 81555d29e6f803db44b7a11139445848d0443adabf70c761b159cf8cc73440d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 21934
Content-Type: application/javascript

GET
H2 200 main.min.js Show response
client.perimeterx.net/PXFxX25TyN/ 120 KB
42 KB 31ms
6ms Script
application/javascript 151.101.13.40
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Requested by: Host: www.payback.de
URL: https://www.payback.de/resources/js/perimeter-x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.40 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6151e1d1baf5d640ebad896fe1f6ecf8267d7c3034dcf42aff31144305304fcb

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 17:15:25 GMT
content-encoding: gzip
age: 73
x-cache: HIT
content-length: 42390
x-served-by: cache-fra19160-FRA
access-control-allow-origin: *
x-timer: S1622567726.721597,VS0,VE0
etag: W/"1dec1-/pUpg+ustkV3cY7hpXz4wk+sjYk"
x-px-hash: ODcwMWFiYmNkOWU2MmEzZmM4ZjIzODliNGM0Y2JiZmYxMWQ1ZDM4ODJlMDQ1YzNmNTM5YmYyYTNiNmZkNzVmMw==
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 3

GET
H/1.1 200 couponmail-image-data.png
www.payback.de/resource/blob/3392/9f347ab5bcca02b322db22a13c20c991/ 523 B
1 KB 18ms
17ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3392/9f347ab5bcca02b322db22a13c20c991/couponmail-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

c3a5e609d52b9875cce4a352b2470f47035f52863ce76b325c1bc9fd9954838c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9f347ab5bcca02b322db22a13c20c991"
X-CDN: Imperva
X-Iinfo: 8-1458969-1458580 SNNy RT(1622567725132 274) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 523
X-XSS-Protection: 1; mode=block
X-Request-ID: 16594213-c3dd-432e-8427-562b476b4cab
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 01 Jun 2021 17:15:25 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 hilfe-image-data.png
www.payback.de/resource/blob/3396/a1c5929c058736152c6bbb91fbaa9590/ 636 B
2 KB 21ms
20ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3396/a1c5929c058736152c6bbb91fbaa9590/hilfe-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

76ee1685be4e740cc6a15a7227e6ccba02aaef4993da3f14dd2a1581eb9da58f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "a1c5929c058736152c6bbb91fbaa9590"
X-CDN: Imperva
X-Iinfo: 3-2654222-2651135 SNNy RT(1622567725289 123) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 636
X-XSS-Protection: 1; mode=block
X-Request-ID: ba1e5bdc-c6bb-4355-824d-fbcd5f00cb4d
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 01 Jun 2021 17:15:25 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 punktekonto-image-data.png
www.payback.de/resource/blob/3412/8d5e62a03b4ea19b012cb8251d3e0cb4/ 315 B
1 KB 17ms
16ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3412/8d5e62a03b4ea19b012cb8251d3e0cb4/punktekonto-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

0ca86d21e6be7e324a3d61012c2cc94e883f70576ff9a92e90a39a4905709e0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "8d5e62a03b4ea19b012cb8251d3e0cb4"
X-CDN: Imperva
X-Iinfo: 2-1344667-1340654 SNNy RT(1622567725291 118) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 315
X-XSS-Protection: 1; mode=block
X-Request-ID: 40342491-5481-4505-960c-affec97849d4
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 01 Jun 2021 17:15:25 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 login-image-data.png
www.payback.de/resource/blob/3400/dc922c9c7b2a52136667056d3a7a4182/ 508 B
1 KB 16ms
16ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3400/dc922c9c7b2a52136667056d3a7a4182/login-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

28af9f6d171abee4a869c2d45de8d41f32dde9483add8c9aa1519f9587534d26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "dc922c9c7b2a52136667056d3a7a4182"
X-CDN: Imperva
X-Iinfo: 7-2940382-2936529 SNNy RT(1622567725291 129) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 508
X-XSS-Protection: 1; mode=block
X-Request-ID: 7edf420f-fc5f-4ffd-9dd5-218e2f9689c8
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 01 Jun 2021 17:15:25 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 search--blue-10.svg
www.payback.de/blueberry/static/ui-core/1.310.0/one/assets/ 1 KB
2 KB 17ms
16ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/assets/search--blue-10.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

9d3ab89e6e0710ba6383ec39b6edd572eefdcadd456d38a78e6324a285f61d94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Referer: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 8-1458969-1458580 SNNy RT(1622567725132 292) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: e044c3fa-799d-4d2f-bc33-4ce5b664f854
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1487-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Tue, 15 Jun 2021 17:15:25 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 31333
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:12 GMT

GET
H/1.1 200 payback_light-webfont.woff
www.payback.de/blueberry/static/ui-core/1.310.0/one/fonts/ 82 KB
82 KB 32ms
27ms Font
application/font-woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.310.0/one/fonts/payback_light-webfont.woff

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.payback.de
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
Connection: keep-alive
Origin: https://www.payback.de
Referer: https://www.payback.de/blueberry/static/ui-core/1.310.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:15:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 5-4199014-4192394 SNYy RT(1622567725291 131) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 8866af7b-8a07-4fd5-afe1-c519a65243e9
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"83468-499162500000"
Strict-Transport-Security: max-age=2592000
Content-Type: application/font-woff;charset=UTF-8
Expires: Tue, 15 Jun 2021 17:15:25 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 07:37:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
age: 34702
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
expires: Wed, 01 Jun 2022 07:37:03 GMT

GET
H2 200 b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/ 3 KB
2 KB 29ms
14ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94bcce2dcdfe55eae81799d99383931b61e8f41c957afebcdf9c69f85dbd3a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dbZntsXQta5AyHFpxukFdA==
age: 3884
vary: Accept-Encoding
content-length: 1127
cf-request-id: 0a6a2bc2f600004e3272027000000001
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 15:17:50 GMT
server: cloudflare
etag: 0x8D8960C444122EA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0dd54e30-d01e-0172-0b5f-1fef8d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a157e5e184e32-FRA

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.de/ 1 B
123 B 7ms
6ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payback.de/_Incapsula_Resource?SWKMTFSR=1&e=0.27963501923671186
Requested by: Host: www.payback.de
URL: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
Cookie: JSESSIONID_BB=81F78916DA4DE1C29DE400F51D0F88C2; BIGipServerpool_pde_e3_blueberry_cae_a=!ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=; BIGipServerpool_pde_e3_lmsweb_httpd_a=!Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==; visid_incap_860291=0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD; incap_ses_729_860291=JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==; ___utmvc=uvy0UIuUAqKPJB2jeFyfR6yxLP2CQ0elHd4KrXzNbht0TpbtiJ96K1AXg3BuWttMe591hjA+FAH2DZ+DBFKKsZ+SiYHCeqthb6QIhHzk4QFMOcB4YJUoNS08LehVpNIZUNQqW7g34JPx6iW0gIwag/B5jwYW5NLta5Bp/bLU/xg4GuYOpOY6xLP8/3aiB/ubk1fgq73FwEt7NM7DKy4QfiMu5O39p7LS9XkeO32MmBczujjz+Z6xBsVqjGh4gl/jt3RSmhQpFykDuYIm+98iGIWGoNAEH2CGqM/yI6Yks80UCXJ9gjHf7y6yYCjRxRtJ7/ViWuI7AtpDIXOvnncVf4RHr3p066L5t34yUmx9pcrO7eJhlAaWCt84YByRdoeDKSSPKGv6iAaG8yYiK59lNFKyLPG+AuQaky16aWtKhuXdb9Y3MmH+a3QQRGJW+rNg8KSaB9oNX5IY0bqe161ZL4NKTKmaSigvGaaFNh7fKdlSK+pLpC93809tkYuOokNta3XYoN7JmdL1kTX9lUTOKlQhQAcA39Z56zKbJ7zAlbhqGhpQKWc3wGg0xNcFkUpCY0sDLZwJpB1pENkI0OjU32KvccUZUVcYzasy/TVIkBbLuhM1hivBm54we27SkfYRb1iF7Hvrw0EgTUP9gny4AWTaKe9Glc2E4it1mHgYxO5HA2TKX4YNRpJzgj+L8LS7rPOlkQFo7yucSyl9+kSZQu0LDuF5pkg4jqjztGVj9NrutETDizQHW3hiHQG2goi8rdUFIU+nR29mVybjWsV8t7DYyoc5WQBgg/0WlJyDZEpw+0W3YZbx5/UiqoReEYjaBDrz76t8hk2UnUN1CjfWZDgVYrBr6OVysaxyGbBQ+39pOr0J8g5cpvywaJZ3zN8gxXUEBO2jOimrdSB05Zr97q9J8RAeFWbrEJ83bBpOKM3q0CB7Dk/rtYkv11OgFJIerxiLFXnvPjfS1wV78G+tnQNT7Y1qnzvCmqgK375Ykw0yPrAas8PJ0V1WfR7AJbShkHgE65cqyIfkdlqViwcgBZrq+YWNmxxPKTJLgfvfKtCs3nS40EyezpPmOnnBCfodnmvOq5sstEZeadMuZVPoOImFc6FG2oSBdjRzBLk80+OQjcI448sJRSOvGcJmGwF150VCi4xCiLUw9AyXGkl+yCsXmhOEpjR4KNc5hE+k7x92lkpcNqqtgqARysu9DrxA8T9dnBsIaDQf+LBt+vI4nYJ2K0RnB/l5dspUo8wuAycbp9Cl+2Np2Nhfjqi0q3rHriGZFchoZGwC6ed0Up+vmnxEmRFUKVdkI2aCE2i7DlpaLXYY0Ygq92HZM2MT0cy4PZ17lFLVryWLPSq0g6nNILvkhpAZRpc9Djf7WqRaHUxaBB0gG+FqKi/MGrDimY1v/pOBwggYiATFScBeTQa613wBiJ+H8yTzTVOsZuuz2j8qBzBpSRuMpr7OX+6UNxrsixGwMYLiMzWhViv9qYu6sWXH7voR57TzhDNgQ/5YbX5dfL3OcXMmRMMLBEjWBh3D4/yBtMjDNaPjF+ADVPmdjchn63MV5rKqd4trd0c5Vc9NcgNdGvnmlHOTkXgy+CGlbSk3+pmfXU5ugNy5fT0aJUrXtX/waqEiI8o2+avjxOYqiRYLyqZv2tnQcdZx0RxLlZ24yKetx4xNnEZg9YLAV7/v4OVNb9Y+GDg8uACsa4ZPUSogmyXgexKfAA9jpwP98MF9zEWcYIhj+OuXapWERTvfealCTzD5uRTuwmcSrZT99kTpIzxhQxAnC+cL8wrC8ACYKx80636KswmIkjMfsP3frH7UceGoSunTwkBZvUo4EFjcP4cYwGDKB5F8O/XmLqOeNm0kvvHXew8jN++8GHJO4aGzzC1qDJEzHXY0TdmHUY9BQnqLL6eHHJN2vjN9/MUIjyT8NsJB3cHFHq3UvRW7UVoA57/BT0hXE8K3fH5CJvgU9/Gugr1j0KwNvKCrluDLbMvoowA/3PAEN0LlMO4TUtpF+dQEZ+YTVyR9vMGwVYzgwaYqUi8RDPf7MqcBR+dne+rQEI3luQqcyxEFJia3mk6dAsRgIL06Tro7gl/d4l9PwTUyus5nxnAJkS7QLwFB6egh3npk+dP2e7d9gt8j5ZQKHxFtKzFJhAua18yHLeT929rsZALkFVadkuoXTBalPC/wntvYhUfAm5C/Lc6Ddw8h34xB9UpdPCeePm/CDXlqzUQtIiXegLypIYvWKgjweMHCiJuWvQ/5IjWOun0qlxcpZLLDH6I/veTFbTicg6ge+oeJnKll9sjjXKmhTpwPIHm1Leqkik+DhOUOhyf/Q1UyWz65BX0pyrXBEaeFb/vdGCxkaWdlc3Q9MTYyMDcyLHM9OTk2NzY2Nzk5YmFiNjM5ZTc5YTk4ZDc3YTg5OWE0OTJhMThiOTRhNzk1OTQ2ZDlhODg2ODc0YTNhNTlmNzQ3OTVkOWZhMTZhN2M4NzZmNmQ=
Connection: keep-alive
Referer: https://www.payback.de/app/appagb?nlcid=53_20124_085&TrID=575124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

POST
H2 200 collector Show response
collector-pxfxx25tyn.px-cloud.net/api/v2/ 577 B
798 B 65ms
45ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxfxx25tyn.px-cloud.net/api/v2/collector
Requested by: Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0b9f6d1dcbdda885d92820606fe2145acd701f56c2202819656fe4e2882d5526

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Jun 2021 17:15:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.payback.de
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 577

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
408 B 32ms
19ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 17:15:25 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 658a157effca4a67-FRA
cf-request-id: 0a6a2bc35d00004a679b127000000001

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 4256
vary: Accept-Encoding
content-length: 75725
cf-request-id: 0a6a2bc4650000d6b9e31df000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9af07538-101e-00e8-2dd3-51251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a1580a8acd6b9-FRA

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/96d81de6-4da2-47e8-b4ce-1630332051ae/ 60 KB
15 KB 13ms
13ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/96d81de6-4da2-47e8-b4ce-1630332051ae/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e137d453ea90c5b03b906f0297bbdca1cd21899bcc4a3015b9e50ffdc98042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zTbbCe3dlEF/Nx3bDRq8sw==
age: 3874
vary: Accept-Encoding
content-length: 14979
cf-request-id: 0a6a2bc48000004e324fb4e000000001
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 15:17:53 GMT
server: cloudflare
etag: 0x8D8960C4649D402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4e382daa-001e-00b8-4a5f-1f3a15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a1580cc9b4e32-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
3 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 4125
vary: Accept-Encoding
content-length: 3343
cf-request-id: 0a6a2bc49800004e327d13a000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2063a813-b01e-00e5-7fa0-47ca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a1580fcea4e32-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Jun 2021 17:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 4242
vary: Accept-Encoding
content-length: 14986
cf-request-id: 0a6a2bc49800004e324fb52000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6b47c5cd-a01e-00fa-5939-301101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 658a1580fcee4e32-FRA

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
age: 55715
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
expires: Wed, 01 Jun 2022 01:46:51 GMT

POST
H2 200 collector Show response
collector-pxfxx25tyn.px-cloud.net/api/v2/ 275 B
340 B 53ms
52ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxfxx25tyn.px-cloud.net/api/v2/collector
Requested by: Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 74a3a4184d75a8539779637980242c6f1fca35c30010502ce0f5736968a9b8eb

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Jun 2021 17:15:26 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.payback.de
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 275

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payback.de/	1970-01-20 03:28:23	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Jun+01+2021+19%3A15%3A26+GMT%2B0200+(Central+European+Summer+Time)&version=6.9.0&hosts=&consentId=50e936af-0865-4de9-8245-97ddfb6bb3a8&interactionCount=0&landingPath=https%3A%2F%2Fwww.payback.de%2Fapp%2Fappagb%3Fnlcid%3D53_20124_085%26TrID%3D575124&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.payback.de/	1970-01-19 18:42:47	Name: _pxff_rf Value: 1
www.payback.de/	1970-01-19 18:42:47	Name: ___utmvc Value: uvy0UIuUAqKPJB2jeFyfR6yxLP2CQ0elHd4KrXzNbht0TpbtiJ96K1AXg3BuWttMe591hjA+FAH2DZ+DBFKKsZ+SiYHCeqthb6QIhHzk4QFMOcB4YJUoNS08LehVpNIZUNQqW7g34JPx6iW0gIwag/B5jwYW5NLta5Bp/bLU/xg4GuYOpOY6xLP8/3aiB/ubk1fgq73FwEt7NM7DKy4QfiMu5O39p7LS9XkeO32MmBczujjz+Z6xBsVqjGh4gl/jt3RSmhQpFykDuYIm+98iGIWGoNAEH2CGqM/yI6Yks80UCXJ9gjHf7y6yYCjRxRtJ7/ViWuI7AtpDIXOvnncVf4RHr3p066L5t34yUmx9pcrO7eJhlAaWCt84YByRdoeDKSSPKGv6iAaG8yYiK59lNFKyLPG+AuQaky16aWtKhuXdb9Y3MmH+a3QQRGJW+rNg8KSaB9oNX5IY0bqe161ZL4NKTKmaSigvGaaFNh7fKdlSK+pLpC93809tkYuOokNta3XYoN7JmdL1kTX9lUTOKlQhQAcA39Z56zKbJ7zAlbhqGhpQKWc3wGg0xNcFkUpCY0sDLZwJpB1pENkI0OjU32KvccUZUVcYzasy/TVIkBbLuhM1hivBm54we27SkfYRb1iF7Hvrw0EgTUP9gny4AWTaKe9Glc2E4it1mHgYxO5HA2TKX4YNRpJzgj+L8LS7rPOlkQFo7yucSyl9+kSZQu0LDuF5pkg4jqjztGVj9NrutETDizQHW3hiHQG2goi8rdUFIU+nR29mVybjWsV8t7DYyoc5WQBgg/0WlJyDZEpw+0W3YZbx5/UiqoReEYjaBDrz76t8hk2UnUN1CjfWZDgVYrBr6OVysaxyGbBQ+39pOr0J8g5cpvywaJZ3zN8gxXUEBO2jOimrdSB05Zr97q9J8RAeFWbrEJ83bBpOKM3q0CB7Dk/rtYkv11OgFJIerxiLFXnvPjfS1wV78G+tnQNT7Y1qnzvCmqgK375Ykw0yPrAas8PJ0V1WfR7AJbShkHgE65cqyIfkdlqViwcgBZrq+YWNmxxPKTJLgfvfKtCs3nS40EyezpPmOnnBCfodnmvOq5sstEZeadMuZVPoOImFc6FG2oSBdjRzBLk80+OQjcI448sJRSOvGcJmGwF150VCi4xCiLUw9AyXGkl+yCsXmhOEpjR4KNc5hE+k7x92lkpcNqqtgqARysu9DrxA8T9dnBsIaDQf+LBt+vI4nYJ2K0RnB/l5dspUo8wuAycbp9Cl+2Np2Nhfjqi0q3rHriGZFchoZGwC6ed0Up+vmnxEmRFUKVdkI2aCE2i7DlpaLXYY0Ygq92HZM2MT0cy4PZ17lFLVryWLPSq0g6nNILvkhpAZRpc9Djf7WqRaHUxaBB0gG+FqKi/MGrDimY1v/pOBwggYiATFScBeTQa613wBiJ+H8yTzTVOsZuuz2j8qBzBpSRuMpr7OX+6UNxrsixGwMYLiMzWhViv9qYu6sWXH7voR57TzhDNgQ/5YbX5dfL3OcXMmRMMLBEjWBh3D4/yBtMjDNaPjF+ADVPmdjchn63MV5rKqd4trd0c5Vc9NcgNdGvnmlHOTkXgy+CGlbSk3+pmfXU5ugNy5fT0aJUrXtX/waqEiI8o2+avjxOYqiRYLyqZv2tnQcdZx0RxLlZ24yKetx4xNnEZg9YLAV7/v4OVNb9Y+GDg8uACsa4ZPUSogmyXgexKfAA9jpwP98MF9zEWcYIhj+OuXapWERTvfealCTzD5uRTuwmcSrZT99kTpIzxhQxAnC+cL8wrC8ACYKx80636KswmIkjMfsP3frH7UceGoSunTwkBZvUo4EFjcP4cYwGDKB5F8O/XmLqOeNm0kvvHXew8jN++8GHJO4aGzzC1qDJEzHXY0TdmHUY9BQnqLL6eHHJN2vjN9/MUIjyT8NsJB3cHFHq3UvRW7UVoA57/BT0hXE8K3fH5CJvgU9/Gugr1j0KwNvKCrluDLbMvoowA/3PAEN0LlMO4TUtpF+dQEZ+YTVyR9vMGwVYzgwaYqUi8RDPf7MqcBR+dne+rQEI3luQqcyxEFJia3mk6dAsRgIL06Tro7gl/d4l9PwTUyus5nxnAJkS7QLwFB6egh3npk+dP2e7d9gt8j5ZQKHxFtKzFJhAua18yHLeT929rsZALkFVadkuoXTBalPC/wntvYhUfAm5C/Lc6Ddw8h34xB9UpdPCeePm/CDXlqzUQtIiXegLypIYvWKgjweMHCiJuWvQ/5IjWOun0qlxcpZLLDH6I/veTFbTicg6ge+oeJnKll9sjjXKmhTpwPIHm1Leqkik+DhOUOhyf/Q1UyWz65BX0pyrXBEaeFb/vdGCxkaWdlc3Q9MTYyMDcyLHM9OTk2NzY2Nzk5YmFiNjM5ZTc5YTk4ZDc3YTg5OWE0OTJhMThiOTRhNzk1OTQ2ZDlhODg2ODc0YTNhNTlmNzQ3OTVkOWZhMTZhN2M4NzZmNmQ=
.payback.de/	1969-12-31 23:59:59	Name: incap_ses_729_860291 Value: JuYteRvh8ja3T8Bf+e0dCi1rtmAAAAAAsmecP4LPHsCZwRCpvbzvgw==
www.payback.de/	1970-01-19 18:45:40	Name: _px2 Value: eyJ1IjoiZjRiZTk1NTAtYzJmYy0xMWViLWFkMWEtMTkzMDJkM2UwYjdiIiwidiI6ImY0YzQ5ZDhmLWMyZmMtMTFlYi05YzhhLTAyNDJhYzEyMDAxOSIsInQiOjE2MjI1NjgyMjU5MzQsImgiOiI0MjJlMWQxYzNiMjQ2M2Y2YzBjN2RkMTRjODdhNTI2ZjdiMjY3NGFhMGE4ZjY5OWIzYjFiNDBjYWQxZDY5ZWUyIn0=
www.payback.de/	1969-12-31 23:59:59	Name: JSESSIONID_BB Value: 81F78916DA4DE1C29DE400F51D0F88C2
.payback.de/	1970-01-20 03:27:50	Name: visid_incap_860291 Value: 0EFQ5++EToir35F11txyyS1rtmAAAAAAQUIPAAAAAAC3mGXRRNRAN4DvxYs/C1MD
www.payback.de/	1970-01-20 03:28:23	Name: _pxvid Value: f4c49d8f-c2fc-11eb-9c8a-0242ac120019
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_blueberry_cae_a Value: !ItoJ6kEAhsdo4DCc5zBp5pyMfR88mrweBvdl7RmhNLBnmbVuSxgp4bX5JecOexxmYvoBlfMRd8HjD/I=
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_lmsweb_httpd_a Value: !Qt7yIYDv2LQNdbic5zBp5pyMfR88mi8oj6qCfY4yQW75uUqzDd+ecCrb2glAkxEuysu7ga458l8WBw==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
client.perimeterx.net
collector-pxfxx25tyn.px-cloud.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
newsletter5.payback.de
www.payback.de
151.101.13.40
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
35.186.220.184
45.60.14.82
78.35.37.225
0b9f6d1dcbdda885d92820606fe2145acd701f56c2202819656fe4e2882d5526
0ca86d21e6be7e324a3d61012c2cc94e883f70576ff9a92e90a39a4905709e0e
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148
1adc564d6fa9e43dd86d9e244ddb655a1b4059965c884fb50fb9d709434f1693
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
28af9f6d171abee4a869c2d45de8d41f32dde9483add8c9aa1519f9587534d26
29823b0d418f705fa2d98365cafbcb850af6c9afd2e593d0dc3ac9990f3497a1
56ce899ef810c6652923230bbf8d13e7ac766c0f5a2c74a8fa19d0fc46d70e70
6151e1d1baf5d640ebad896fe1f6ecf8267d7c3034dcf42aff31144305304fcb
67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6a1513d00a8655faeceef04b2759a2a6cd664634b40dbbe775ab2d05cd87f216
6a6ea661b40efcbdec1e5a84a97ec5aca5eef7254b4adb3a494c7ff548504e14
733a2518392f870ef93bd540993cbbc273aa176655e5c0dc84c78ba1e7e96a21
74a3a4184d75a8539779637980242c6f1fca35c30010502ce0f5736968a9b8eb
76ee1685be4e740cc6a15a7227e6ccba02aaef4993da3f14dd2a1581eb9da58f
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
81555d29e6f803db44b7a11139445848d0443adabf70c761b159cf8cc73440d2
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
890dd6cd51f98c1647dbc6fb80ed9a53fda8954cc1ec81030a0051cc43b29220
8e137d453ea90c5b03b906f0297bbdca1cd21899bcc4a3015b9e50ffdc98042b
94bcce2dcdfe55eae81799d99383931b61e8f41c957afebcdf9c69f85dbd3a23
9d3ab89e6e0710ba6383ec39b6edd572eefdcadd456d38a78e6324a285f61d94
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72
a938b29d41b6db51ad77e0ca4b71689cae58417b993749c4129dc678047ce993
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3a5e609d52b9875cce4a352b2470f47035f52863ce76b325c1bc9fd9954838c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
de7b706b259c983ee202a6cd8998153ef00650fa774d4b8a8e64eca8fce1e634
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3c0504fb82fd1d7787aa24bccd037ea208558600e715e2803cf1064a85a35d
f46063e3a055bd5925559c69d710c9f25250c82dbcaeb6ae4cb8ae390ed74a77
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

www.payback.de Open in urlscan Pro 45.60.14.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

50 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

1169 kBTransfer

6059 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

1169 kB
Transfer

6059 kB
Size

10
Cookies

37 HTTP transactions
0 data transactions