www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsletter6.payback.de/go/12/3YLI18NH-3YBYJBID-3YBYJBN6-GNP10OW.html
Effective URL:
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%...
Submission Tags: falconsandbox
Submission: On July 07 via api (July 7th 2021, 5:07:40 pm UTC) from US

Summary HTTP 33 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is www.payback.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 9th 2021. Valid for: a year.

This is the only time www.payback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.169.180.252 193.169.180.252	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
2 20	45.60.14.82 45.60.14.82	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.40 151.101.13.40	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
33	8

1 193.169.180.252 (Germany) 1 redirects

ASN48173 (UNBELIEVABLE-AS, DE)
PTR: srv2.de

newsletter6.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 45.60.14.82 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.40 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

client.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxfxx25tyn.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	payback.de 3 redirects newsletter6.payback.de www.payback.de	933 KB
6	cookielaw.org cdn.cookielaw.org	114 KB
3	px-cloud.net collector-pxfxx25tyn.px-cloud.net	2 KB
3	gstatic.com fonts.gstatic.com	44 KB
1	perimeterx.net client.perimeterx.net	42 KB
1	onetrust.com geolocation.onetrust.com	387 B
1	googleapis.com fonts.googleapis.com	776 B
33	7

	Domain	Requested by
20	www.payback.de	2 redirects www.payback.de
6	cdn.cookielaw.org	www.payback.de cdn.cookielaw.org
3	collector-pxfxx25tyn.px-cloud.net	client.perimeterx.net
3	fonts.gstatic.com	fonts.googleapis.com
1	client.perimeterx.net	www.payback.de
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	www.payback.de
1	newsletter6.payback.de	1 redirects
33	8

This site contains links to these domains. Also see Links.

Domain
www.payback.net
onetrust.com

Subject Issuer	Validity	Valid
www.payback.de DigiCert SHA2 Extended Validation Server CA	`2021-06-09` - `2022-07-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.perimeterx.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-16` - `2022-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-24` - `2021-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Frame ID: 46A4C23D5F5957C34527193AE4999639
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://newsletter6.payback.de/go/12/3YLI18NH-3YBYJBID-3YBYJBN6-GNP10OW.html HTTP 302
https://www.payback.de/pb/punktekonto/id/13598/?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/pb/punktekonto/id/13598?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777 Page URL
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlc... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1133 kB
Transfer

6041 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.payback.net/karriere/
Title: Arbeiten bei PAYBACK

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsletter6.payback.de/go/12/3YLI18NH-3YBYJBID-3YBYJBN6-GNP10OW.html HTTP 302
https://www.payback.de/pb/punktekonto/id/13598/?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/pb/punktekonto/id/13598?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777 Page URL
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newsletter6.payback.de/go/12/3YLI18NH-3YBYJBID-3YBYJBN6-GNP10OW.html HTTP 302
https://www.payback.de/pb/punktekonto/id/13598/?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/pb/punktekonto/id/13598?nlcid=52_20211_000&TrID=576777 HTTP 301
https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Cookie set punktekonto Show response
www.payback.de/
Redirect Chain

http://newsletter6.payback.de/go/12/3YLI18NH-3YBYJBID-3YBYJBN6-GNP10OW.html
https://www.payback.de/pb/punktekonto/id/13598/?nlcid=52_20211_000&TrID=576777
https://www.payback.de/pb/punktekonto/id/13598?nlcid=52_20211_000&TrID=576777
https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777

1 KB
2 KB

82ms
82ms

Document
text/html

45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

574de1e8b40545e3bc868dfff3eb518f556a33ecd27306bc7df5236ff4013e9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.payback.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
Set-Cookie: JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; Path=/; Secure; HttpOnly cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; path=/; Httponly
Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors *.payback.de
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=2592000
Content-Language: de-DE
X-Request-ID: 7c018d02-5e82-491f-9bcb-76bba47dc9c8
Content-Encoding: gzip
X-CDN: Imperva
X-Iinfo: 12-50098307-50090579 SNNy RT(1625677639456 182) q(0 0 0 -1) r(1 1) U5

Redirect headers

Server: nginx
Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777
X-Request-ID: e11472b0-ea9b-4830-ba9f-65f2055b7d42
Strict-Transport-Security: max-age=2592000
Set-Cookie: visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; expires=Thu, 07 Jul 2022 12:21:29 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; path=/; Domain=.payback.de ___utmvbvkuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT ___utmvmvkuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT
X-CDN: Imperva
X-Iinfo: 12-50098307-50090579 SNNy RT(1625677639456 111) q(0 0 0 -1) r(1 1) U5

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.de/ 133 KB
19 KB 13ms
13ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=3&cb=1172652642
Requested by: Host: www.payback.de
URL: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 19388
Content-Type: application/javascript

GET
H/1.1 200 Primary Request Cookie set login Show response
www.payback.de/ 48 KB
10 KB 115ms
101ms Document
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Requested by

Host: www.payback.de
URL: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

2f1684e29c8ac8ba4149b62e4f8845d1739331e1f85dad35999a48a389c4b271

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.payback.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.payback.de/punktekonto?nlcid=52_20211_000&TrID=576777

Response headers

Server: nginx
Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Strict-Transport-Security: max-age=2592000
X-XSS-Protection: 1; mode=block
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Cache-Control: max-age=0
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Language: de
X-Request-ID: 1e6ebd6d-ff65-4ba9-ba25-8c5b5cff7b74
X-CDN: Imperva
X-Iinfo: 12-50098307-50090579 SNNy RT(1625677639456 289) q(0 0 0 -1) r(1 1) U5

GET
H2 200 css
fonts.googleapis.com/ 6 KB
776 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 15:11:35 GMT
server: ESF
date: Wed, 07 Jul 2021 17:07:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 17:07:20 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 16ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e51cc8fa0f52b2b6153113a2bfb1d39b01709057d3cccff2bd5603fd828513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9CH7M63ILfh8MB6VTJcGFA==
age: 7176
vary: Accept-Encoding
content-length: 5811
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:52 GMT
server: cloudflare
etag: 0x8D941124E24A2D2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f1013101-301e-00dd-63fe-728b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab256fee2c4a-FRA

GET
H/1.1 200 pb-runtime-loader.js Show response
www.payback.de/blueberry/static/ui-core/1.343.0/one/ 77 KB
20 KB 23ms
21ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-runtime-loader.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

cf88ccd744f9a0df18b3f08b098d56b95eb1502901a09d620413d96e095e7fd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098307-50090579 SNNy RT(1625677639456 400) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: a235c2e2-2491-415d-a20b-df0cc01e4669
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"78425-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Wed, 21 Jul 2021 17:07:20 GMT

GET
H/1.1 200 pb-uicore.js Show response
www.payback.de/blueberry/static/ui-core/1.343.0/one/ 3 MB
648 KB 18ms
18ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

f0a1b27af03cb2d37b20540e246d3534d6d6673e576ab78f99ac76132567dc9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098347-50090579 SNNy RT(1625677639862 72) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 68536cba-b131-412b-9e5f-d7701052b5eb
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"3580092-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Wed, 21 Jul 2021 17:07:20 GMT

GET
H/1.1 200 Cookie set ab-test-is-anonymous.js Show response
www.payback.de/resources/js/ 26 B
1 KB 142ms
141ms Script
text/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resources/js/ab-test-is-anonymous.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 4-4621755-4621757 NNYN CT(26 65 0) RT(1625677640272 106) q(0 0 1 0) r(2 2) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 4eee169d-3087-43f9-9c05-90f20acbeee4
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Type: text/javascript;charset=ISO-8859-1
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; path=/; Domain=.payback.de ___utmvmEZBuFFYt=TtQaZTGstuJ; path=/; Max-Age=900 ___utmvaEZBuFFYt=aEQNTPn; path=/; Max-Age=900 ___utmvbEZBuFFYt=oZk XneOpalQ: LtA; path=/; Max-Age=900
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set perimeter-x Show response
www.payback.de/resources/js/ 226 B
1 KB 44ms
23ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resources/js/perimeter-x

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

890dd6cd51f98c1647dbc6fb80ed9a53fda8954cc1ec81030a0051cc43b29220

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098347-50090579 PNYy RT(1625677639862 14) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 8ce9fcab-17fd-47ff-a0b4-8021317c5a60
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set pb_logo--mobile-blue.svg
www.payback.de/blueberry/static/ui-core/1.343.0/assets/logos/ 5 KB
3 KB 50ms
48ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/assets/logos/pb_logo--mobile-blue.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; ___utmvmEZBuFFYt=TtQaZTGstuJ; ___utmvbEZBuFFYt=oZk XneOpalQ: LtA
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 4-4621755-4621757 SNNN RT(1625677640272 252) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 7aa159d9-0f14-42fa-9b24-400f70b63eb4
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"4648-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; expires=Thu, 07 Jul 2022 08:18:25 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; path=/; Domain=.payback.de ___utmvbEZBuFFYt=a; Max-Age=0; path=/; expires=Thu, 01 Jul 2021 08:13:40 GMT ___utmvmEZBuFFYt=a; Max-Age=0; path=/; expires=Thu, 01 Jul 2021 08:13:40 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set pb_logo--desktop.svg
www.payback.de/blueberry/static/ui-core/1.343.0/assets/logos/ 9 KB
4 KB 27ms
25ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/assets/logos/pb_logo--desktop.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; ___utmvmEZBuFFYt=TtQaZTGstuJ; ___utmvbEZBuFFYt=oZk XneOpalQ: LtA
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098307-50050009 PNNy RT(1625677639456 553) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 80b01a79-da09-430c-a94c-7daada5f5f9c
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"9142-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie: visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; expires=Thu, 07 Jul 2022 12:21:29 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; path=/; Domain=.payback.de ___utmvbEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT ___utmvmEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 Cookie set pointee-payback-ist-sicher-resdata4.gif
www.payback.de/resource/blob/207540/f25a94901eb073ac8acc21ae2555636f/ 15 KB
17 KB 38ms
23ms Image
image/gif 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/207540/f25a94901eb073ac8acc21ae2555636f/pointee-payback-ist-sicher-resdata4.gif

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1b003a5a36ae23f1f9b860122f7d947ca2ecc24b68e9408a23119a8cd0e629a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; ___utmvmEZBuFFYt=TtQaZTGstuJ; ___utmvbEZBuFFYt=oZk XneOpalQ: LtA
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "f25a94901eb073ac8acc21ae2555636f"
X-CDN: Imperva
X-Iinfo: 9-20288214-20287018 PNNy RT(1625677640008 11) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 15730
X-XSS-Protection: 1; mode=block
X-Request-ID: 977795e3-ae4b-404e-a1f6-8237cd733266
Server: nginx
Date: Wed, 07 Jul 2021 17:07:20 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Language: de-DE
Cache-Control: max-age=15552000
Set-Cookie: visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; expires=Thu, 07 Jul 2022 12:21:29 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; path=/; Domain=.payback.de ___utmvbEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT ___utmvmEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT
Accept-Ranges: bytes
Content-Type: image/gif;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb-uicore.css
www.payback.de/blueberry/static/ui-core/1.343.0/one/ 1 MB
97 KB 17ms
16ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

b2080c7184676b5deb2e1706384493bc73bb24ef52db259f45bd18208c7aeb8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098347-50090579 SNNy RT(1625677639862 43) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: ee9a010a-a1d0-416b-b060-154c93ec4140
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1405250-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Wed, 21 Jul 2021 17:07:20 GMT

GET
H/1.1 200
OK Cookie set _Incapsula_Resource Show response
www.payback.de/ 131 KB
19 KB 29ms
14ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=5&cb=333419673
Requested by: Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b7b2f9d0cf0c2d884e1051f858caed47482b1104edfc419e630598f2a2a073d4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; ___utmvmEZBuFFYt=TtQaZTGstuJ; ___utmvbEZBuFFYt=oZk XneOpalQ: LtA
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding: gzip
Set-Cookie: visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; expires=Thu, 07 Jul 2022 12:21:29 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; path=/; Domain=.payback.de ___utmvbEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT ___utmvmEZBuFFYt=a; Max-Age=0; path=/; expires=Tue, 29 Jun 2021 12:15:28 GMT
X-Robots-Tag: noindex
Content-Length: 19208
Cache-Control: no-cache, no-store
Content-Type: application/javascript

GET
H2 200 b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/ 3 KB
1 KB 19ms
18ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94bcce2dcdfe55eae81799d99383931b61e8f41c957afebcdf9c69f85dbd3a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dbZntsXQta5AyHFpxukFdA==
age: 2324
vary: Accept-Encoding
content-length: 1127
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 15:17:50 GMT
server: cloudflare
etag: 0x8D8960C444122EA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0dd54e30-d01e-0172-0b5f-1fef8d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab258c5a4e43-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
387 B 39ms
19ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:07:20 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66b2ab266d624e8c-FRA

GET
H2 200 main.min.js Show response
client.perimeterx.net/PXFxX25TyN/ 120 KB
42 KB 55ms
14ms Script
application/javascript 151.101.13.40
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Requested by: Host: www.payback.de
URL: https://www.payback.de/resources/js/perimeter-x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.40 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a59a89a68cef0c473061f4aacae78c38c96d3665cf7db99a34582b4c1de6d4c

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:07:20 GMT
content-encoding: gzip
age: 390
x-cache: HIT
content-length: 42732
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
x-timer: S1625677641.730545,VS0,VE0
active-cdn: fastly
etag: W/"1e194-BbzzPO1lm22U6r4p76OcJRWoKI8"
x-px-hash: MGM5OWQ0ZjRlNDBmNzcxZWJhYWVjMTAwNWExNzdjZDY4OTY2ODhmMGFjZDIyZDM1ZDg0ZGRjOGNlZTdkNjM0ZQ==
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: active-cdn,x-served-by
cache-control: max-age=600,stale-while-revalidate=60,stale-if-error=3600
accept-ranges: bytes
x-cache-hits: 13

GET
H/1.1 200 icnMailBlue.svg
www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/ 1 KB
2 KB 49ms
47ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/icnMailBlue.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e8146bea29a3d1ec4f7ba4e8766995d62bfb8b71272eb7f5d0cad95b5e912503

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
Connection: keep-alive
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 4-4621755-4621757 SNNN RT(1625677640272 312) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 6d06083f-9984-431a-9ef9-0923b505ec80
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1355-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 icn_showpassword.png
www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/ 522 B
1 KB 20ms
19ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/icn_showpassword.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

02cf2d2f6d45808f8959c66f5ea69abe7889ca3a3c94037335987aa64f276a33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
Connection: keep-alive
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options: nosniff
X-CDN: Imperva
X-Iinfo: 9-20288214-20287018 SNNy RT(1625677640008 54) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 522
X-XSS-Protection: 1; mode=block
X-Request-ID: e5c94181-5c0f-4193-bbb8-24a18245df64
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
Date: Wed, 07 Jul 2021 17:07:20 GMT
Strict-Transport-Security: max-age=2592000
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=1209600
ETag: W/"522-499162500000"
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 icnKeyBlue.svg
www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/ 2 KB
2 KB 20ms
20ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/icnKeyBlue.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

f20f18e2124e64b7f7cc6bbb73a0f8c8a034c9c3c35c1e9f4111ad3613d0c20a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
Connection: keep-alive
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 13-66109893-66099505 PNNN RT(1625677640008 54) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: f0a99784-0bc2-47a2-8891-bcbc0f434fe5
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1588-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c34f720ad8770f232e3ece2ef003c9ca61ca1ac3a7235fd08043fd2150fa96e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 icnArrows.svg
www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/ 2 KB
1 KB 20ms
20ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/assets/icnArrows.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

328db72bace543ca787f3050aec1f174f010141a93947a2ec32da7cfbd76f41d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
Connection: keep-alive
Referer: https://www.payback.de/blueberry/static/ui-core/1.343.0/one/pb-uicore.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-50098307-50050009 SNNy RT(1625677639456 610) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 58e99c2e-363e-4245-93e0-d82646956fff
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"2357-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 payback_light-webfont.woff
www.payback.de/blueberry/static/ui-core/1.343.0/one/fonts/ 82 KB
82 KB 40ms
19ms Font
application/font-woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.343.0/one/fonts/payback_light-webfont.woff

Requested by

Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.payback.de
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
Connection: keep-alive
Origin: https://www.payback.de
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 17:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 9-20288214-20287018 SNYy RT(1625677640008 77) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: c00ce3b1-ebab-4874-bbf4-343d2dcc2c6e
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"83468-499162500000"
Strict-Transport-Security: max-age=2592000
Content-Type: application/font-woff;charset=UTF-8
Expires: Wed, 21 Jul 2021 17:07:20 GMT
Cache-Control: max-age=1209600 public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:17:37 GMT
x-content-type-options: nosniff
age: 107383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:17:37 GMT

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.de/ 1 B
123 B 7ms
7ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payback.de/_Incapsula_Resource?SWKMTFSR=1&e=0.055116216591245326
Requested by: Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.payback.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
Cookie: BIGipServerpool_pde_e3_lmsweb_httpd_a=!i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==; visid_incap_860291=UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut; incap_ses_875_860291=nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==; JSESSIONID_BB=B2CBE04C8E1319A0494613D442090C6E; BIGipServerpool_pde_e3_blueberry_cae_a=!yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=; incap_ses_1101_860291=LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==; ___utmvc=p2aRhf7IfjNkaXQkfn20zHzzqa4ydjmoRvhl4tPjm/CF7JuHq4h2iWgshj0uwvhrIw4whQcOC8c/yaI1QQiu+7ZJkfZAsCCL2E4IC4BODZoo6/Zrr0LbQPnzetCDU+eI5b5oBS1id/yGZJ2fszu5Y0L7VQbrY5b3qBXGIpb2t53J2t+wVW2l5we+tF1TQZh7o35xf153LR6ahd+jKwtsZJK3SDr/oLXYkoW/m2SEgjjuQe5eVCaFRUZt0U9pjVo+nThzEZnJ8YgSKVnWn/yl3zGaYpfa1gznAPoMyGNm8dyNafssksP/b/wlF2RZJj8d1ni0vIGs2mu4RYd+kymwgnrtey4nH+++9epN2XxABEzB5BVdiZaisQ1sLx6GfDoJCd7tyFcXoX8+7Hb2PU/wyeGVAR/AlCKbpb87hsoblc/NuK+UONRlNKkFCTEXnJw8sREosx3D4tueK9t3CbXWFwiAV3i9vJShYT4d3YizS8eoVmUExaL8pR/Vkrn4BKEo1TSieyThjy6l0ltjtnZYFgGJWv2UL6PL4pp80B6u2qzBAr7cj/L7Xoy7+zlZ6HR9D4SE/kJJpOtVGhUlA+JlQT6HP9gbBqPFcMaLlLHRaANPWbjHqfbh++epeN2r2GFf7KkQXjyr9AN80QVDSVPzdCWlr7VQ1Z/BxdtxXMwtngGPv/K6m0JLZQlEZZcHxBJC6snHc57D5goJU/KgPwI7tH30kvDmyB+bcgvPVHawyNH+qkEfIMWBqBGJAScLdrzYBR8kHd8eNp3uOo4QTpWrVh9MxJmttjlgtKNOoF4T4yDidN7Et1MiP+nzYvJMMhHFOCdSkNfKQJv7Z62VmICM0adRB21TXlptrBYb25i5EtNytOh/yFqnQB+IX0ihElp2GmXNhxzO4Ws5PgW7VF6fVOnmr1bP6PdQ2kITPf5eTpOtuikBvQmaYeXScRYSBtBlMkAAutGR9/eOBmN9GufuT1W7RgAn1WDuBXW4lEQdC46lcouTKpxJxN65oVVZUVSBox7Fw2oQXn8tvT9N2KQJxQfvxjHhx3JKFsXVgG5Z1A54Fh9WDZPs7g+tqEpyiIfs5Tins0kX+q4d3dAQUiOB9DuYe3x9PAJ62Tp3qJ/whg78MS0/t6QIj6g+5qcQcK+dIhLW3nuEDhJ6l57KI8xL10DYOm0VGIvbl4xTmLh5CKPgLSdtPszyYYlE9+4ZsSoHO6M7hR4P5Y6/0HIhAhVo2htbidVgUOKNF/M0xVUTXGa+q54rKN7dq8HYTNN5Hs4zjF/F/+43SfUbIgMghcm3K886ZEcPlSSjohF3rtKcMTE+4dvTRsR7H2oyJWYLDMQy9lQ7yAufAIdNWRKOPi87qKUefqJ5Tw2RLCYpOhlHDwTP0AtVT29vvYTwmJfxFJc5Ij4kQ2wFEgpPCVwCdnOSy2ryGtYjCuxRDSKgWAtcyDmwf9Agfh/O65a/D3tzV4jrh9JDyy0cf97qqPE8gIAkReboVHPmYKSDJFA6UcubcAvBxSQtyRGVMRIi48A7tqMmXxuAlfGgEt3g3RwIs9LFwnDqTi4/pRCJSPmBH7lgcRYCskZeDuBRksUtir3TmMrvqe8OUMoZzwBbBhaF/bz79etjAieOwfIs3mX/Q6d7x3s611FBaeYvRQePO211mz/evJxy2v/CH5lLzTx8Bc+JE+imNkrMA2p3RN3eRbr4DRwpSA3FCDmabtZtqYQIltFpe+pLMv61RrNpNHiW/xbU/A5Vaoo0PR8qoAGevvQFMQm29tevxJkwDDwivBvqvGc4iNpyWIi/q+ENEFatH4yOxW0/1wRv865CA/pfVaCwPRPrvxitMVbN/cv/6ML8vUPg4w0/PCDLEXcqO2qt7rrLXrtNVZo9hCkOdaLi7xDk/h3YdwRa6Lrk+jzswJ2DWac8Bk1l71Ud3MLqJr0AN0dAXVgDz3BlmUzYTwYwOV2eCIfs+6F5sINdVLA0E1aovq5lBs0Tk4t/Hg27bxuZL2mWM7ooKgUjeman7OyZTB6UX7Yzq9Vfu7mY+FKiYOmNlR6ILGRpZ2VzdD0xNDAwMzMsMTQwMjkxLHM9N2RhZGE3YTc3ZDllOTM4Nzg3YTk4N2FlOTlhNmFjODc3MzY5N2I5YTdmYTI3OTk4OGE1YzljYTI2MjliOWNhODgxN2I4ZWEwN2RhMDZlNmU=
Connection: keep-alive
Referer: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Fpunktekonto%253Fnlcid%253D52_20211_000%2526TrID%253D576777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 1898
vary: Accept-Encoding
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9af07538-101e-00e8-2dd3-51251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab273c002c4a-FRA

POST
H2 200 collector Show response
collector-pxfxx25tyn.px-cloud.net/api/v2/ 641 B
862 B 55ms
32ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxfxx25tyn.px-cloud.net/api/v2/collector
Requested by: Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5bfe95f817d9ad4af1ef828e5db4d96c3a2b6774634ea7294ea0885e5a0363a7

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Jul 2021 17:07:20 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.payback.de
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 641

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/96d81de6-4da2-47e8-b4ce-1630332051ae/ 60 KB
15 KB 13ms
12ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/96d81de6-4da2-47e8-b4ce-1630332051ae/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e137d453ea90c5b03b906f0297bbdca1cd21899bcc4a3015b9e50ffdc98042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zTbbCe3dlEF/Nx3bDRq8sw==
age: 2282
vary: Accept-Encoding
content-length: 14979
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 15:17:53 GMT
server: cloudflare
etag: 0x8D8960C4649D402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4e382daa-001e-00b8-4a5f-1f3a15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab291d6d4e43-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
3 KB 17ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 2262
vary: Accept-Encoding
content-length: 3343
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d85eab7b-601e-0160-6c0e-5fdb91000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab297e584e43-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jul 2021 17:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 3297
vary: Accept-Encoding
content-length: 14986
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6b47c5cd-a01e-00fa-5939-301101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66b2ab297e5d4e43-FRA

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:01:52 GMT
x-content-type-options: nosniff
age: 144329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:01:52 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payback.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:06:01 GMT
x-content-type-options: nosniff
age: 151280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 23:06:01 GMT

POST
H2 200 collector Show response
collector-pxfxx25tyn.px-cloud.net/api/v2/ 275 B
340 B 40ms
39ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxfxx25tyn.px-cloud.net/api/v2/collector
Requested by: Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5e4fdacdb65c91ca4abbc7f0e2aedd01d933377fa4125ff12eee7f00e2775ce6

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Jul 2021 17:07:20 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.payback.de
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 275

POST
H2 200 collector Show response
collector-pxfxx25tyn.px-cloud.net/api/v2/ 275 B
336 B 32ms
32ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxfxx25tyn.px-cloud.net/api/v2/collector
Requested by: Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXFxX25TyN/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 852bd154d3fd697f9e06150ea2c327fece2e97407567b62e7897e1b747467de2

Request headers

Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Jul 2021 17:07:23 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.payback.de
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 275

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payback.de/	1970-01-20 04:20:13	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Jul+07+2021+19%3A07%3A21+GMT%2B0200+(Central+European+Summer+Time)&version=6.9.0&hosts=&consentId=36433ad5-b41f-412d-9a83-60258c890fe6&interactionCount=0&landingPath=https%3A%2F%2Fwww.payback.de%2Flogin%3FredirectUrl%3Dhttps%25253A%25252F%25252Fwww.payback.de%25252Fpunktekonto%25253Fnlcid%25253D52_20211_000%252526TrID%25253D576777&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.payback.de/	1970-01-19 19:34:37	Name: _pxff_fp Value: 1
www.payback.de/	1969-12-31 23:59:59	Name: pxcts Value: caa76e80-df45-11eb-a954-972508d72441
.payback.de/	1969-12-31 23:59:59	Name: incap_ses_1101_860291 Value: LEtkEB5CFE+2siT3uolHD0jf5WAAAAAAhM8mZmSVz0znXosmbV+vog==
www.payback.de/	1970-01-20 04:20:13	Name: _pxvid Value: caa726ad-df45-11eb-9f69-0242ac120006
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_lmsweb_httpd_a Value: !i30QH/VLHD8YupvfJdj64N9VygnQdfS/ZDwlG4qSOC1oJ+ViyaH76x022TxTi7O+GDETgXPhCkr5+A==
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_blueberry_cae_a Value: !yVlV/fwiQRgLdvrfJdj64N9VygnQdY21GFrTyAt6pbW7Ig1lQjwPjqkaBQkLms//3RRrmdo3h+Cp4jw=
www.payback.de/	1970-01-19 19:34:37	Name: ___utmvc Value: p2aRhf7IfjNkaXQkfn20zHzzqa4ydjmoRvhl4tPjm/CF7JuHq4h2iWgshj0uwvhrIw4whQcOC8c/yaI1QQiu+7ZJkfZAsCCL2E4IC4BODZoo6/Zrr0LbQPnzetCDU+eI5b5oBS1id/yGZJ2fszu5Y0L7VQbrY5b3qBXGIpb2t53J2t+wVW2l5we+tF1TQZh7o35xf153LR6ahd+jKwtsZJK3SDr/oLXYkoW/m2SEgjjuQe5eVCaFRUZt0U9pjVo+nThzEZnJ8YgSKVnWn/yl3zGaYpfa1gznAPoMyGNm8dyNafssksP/b/wlF2RZJj8d1ni0vIGs2mu4RYd+kymwgnrtey4nH+++9epN2XxABEzB5BVdiZaisQ1sLx6GfDoJCd7tyFcXoX8+7Hb2PU/wyeGVAR/AlCKbpb87hsoblc/NuK+UONRlNKkFCTEXnJw8sREosx3D4tueK9t3CbXWFwiAV3i9vJShYT4d3YizS8eoVmUExaL8pR/Vkrn4BKEo1TSieyThjy6l0ltjtnZYFgGJWv2UL6PL4pp80B6u2qzBAr7cj/L7Xoy7+zlZ6HR9D4SE/kJJpOtVGhUlA+JlQT6HP9gbBqPFcMaLlLHRaANPWbjHqfbh++epeN2r2GFf7KkQXjyr9AN80QVDSVPzdCWlr7VQ1Z/BxdtxXMwtngGPv/K6m0JLZQlEZZcHxBJC6snHc57D5goJU/KgPwI7tH30kvDmyB+bcgvPVHawyNH+qkEfIMWBqBGJAScLdrzYBR8kHd8eNp3uOo4QTpWrVh9MxJmttjlgtKNOoF4T4yDidN7Et1MiP+nzYvJMMhHFOCdSkNfKQJv7Z62VmICM0adRB21TXlptrBYb25i5EtNytOh/yFqnQB+IX0ihElp2GmXNhxzO4Ws5PgW7VF6fVOnmr1bP6PdQ2kITPf5eTpOtuikBvQmaYeXScRYSBtBlMkAAutGR9/eOBmN9GufuT1W7RgAn1WDuBXW4lEQdC46lcouTKpxJxN65oVVZUVSBox7Fw2oQXn8tvT9N2KQJxQfvxjHhx3JKFsXVgG5Z1A54Fh9WDZPs7g+tqEpyiIfs5Tins0kX+q4d3dAQUiOB9DuYe3x9PAJ62Tp3qJ/whg78MS0/t6QIj6g+5qcQcK+dIhLW3nuEDhJ6l57KI8xL10DYOm0VGIvbl4xTmLh5CKPgLSdtPszyYYlE9+4ZsSoHO6M7hR4P5Y6/0HIhAhVo2htbidVgUOKNF/M0xVUTXGa+q54rKN7dq8HYTNN5Hs4zjF/F/+43SfUbIgMghcm3K886ZEcPlSSjohF3rtKcMTE+4dvTRsR7H2oyJWYLDMQy9lQ7yAufAIdNWRKOPi87qKUefqJ5Tw2RLCYpOhlHDwTP0AtVT29vvYTwmJfxFJc5Ij4kQ2wFEgpPCVwCdnOSy2ryGtYjCuxRDSKgWAtcyDmwf9Agfh/O65a/D3tzV4jrh9JDyy0cf97qqPE8gIAkReboVHPmYKSDJFA6UcubcAvBxSQtyRGVMRIi48A7tqMmXxuAlfGgEt3g3RwIs9LFwnDqTi4/pRCJSPmBH7lgcRYCskZeDuBRksUtir3TmMrvqe8OUMoZzwBbBhaF/bz79etjAieOwfIs3mX/Q6d7x3s611FBaeYvRQePO211mz/evJxy2v/CH5lLzTx8Bc+JE+imNkrMA2p3RN3eRbr4DRwpSA3FCDmabtZtqYQIltFpe+pLMv61RrNpNHiW/xbU/A5Vaoo0PR8qoAGevvQFMQm29tevxJkwDDwivBvqvGc4iNpyWIi/q+ENEFatH4yOxW0/1wRv865CA/pfVaCwPRPrvxitMVbN/cv/6ML8vUPg4w0/PCDLEXcqO2qt7rrLXrtNVZo9hCkOdaLi7xDk/h3YdwRa6Lrk+jzswJ2DWac8Bk1l71Ud3MLqJr0AN0dAXVgDz3BlmUzYTwYwOV2eCIfs+6F5sINdVLA0E1aovq5lBs0Tk4t/Hg27bxuZL2mWM7ooKgUjeman7OyZTB6UX7Yzq9Vfu7mY+FKiYOmNlR6ILGRpZ2VzdD0xNDAwMzMsMTQwMjkxLHM9N2RhZGE3YTc3ZDllOTM4Nzg3YTk4N2FlOTlhNmFjODc3MzY5N2I5YTdmYTI3OTk4OGE1YzljYTI2MjliOWNhODgxN2I4ZWEwN2RhMDZlNmU=
.payback.de/	1969-12-31 23:59:59	Name: incap_ses_875_860291 Value: nt0OF8+O0jokdf3JC6AkDEff5WAAAAAAD7kjRD9EBdixzcJKzW12VQ==
www.payback.de/	1970-01-19 19:37:30	Name: _px2 Value: eyJ1IjoiY2FhMDkwYjAtZGY0NS0xMWViLWFlOGQtNDFiOWQyMDg1NmRkIiwidiI6ImNhYTcyNmFkLWRmNDUtMTFlYi05ZjY5LTAyNDJhYzEyMDAwNiIsInQiOjE2MjU2NzgxNDEwODMsImgiOiIzNGEyZDBlMGYxMWI4NzBmOThhZDI1OWFkNDQwNzgwOTc0Y2U3ZWU2NjUzNGUwMWM4MGM4MjE2YzczY2FlNDg3In0=
.payback.de/	1970-01-20 04:19:41	Name: visid_incap_860291 Value: UVqSt+qyRVSHjvezFHxhTkff5WAAAAAAQUIPAAAAAABqbqys36+g8FCcWnrsLZut
www.payback.de/	1969-12-31 23:59:59	Name: JSESSIONID_BB Value: B2CBE04C8E1319A0494613D442090C6E

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
client.perimeterx.net
collector-pxfxx25tyn.px-cloud.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
newsletter6.payback.de
www.payback.de
151.101.13.40
193.169.180.252
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
35.186.220.184
45.60.14.82
02cf2d2f6d45808f8959c66f5ea69abe7889ca3a3c94037335987aa64f276a33
0a59a89a68cef0c473061f4aacae78c38c96d3665cf7db99a34582b4c1de6d4c
146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148
1b003a5a36ae23f1f9b860122f7d947ca2ecc24b68e9408a23119a8cd0e629a5
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82
20e51cc8fa0f52b2b6153113a2bfb1d39b01709057d3cccff2bd5603fd828513
2f1684e29c8ac8ba4149b62e4f8845d1739331e1f85dad35999a48a389c4b271
328db72bace543ca787f3050aec1f174f010141a93947a2ec32da7cfbd76f41d
574de1e8b40545e3bc868dfff3eb518f556a33ecd27306bc7df5236ff4013e9e
5bfe95f817d9ad4af1ef828e5db4d96c3a2b6774634ea7294ea0885e5a0363a7
5e4fdacdb65c91ca4abbc7f0e2aedd01d933377fa4125ff12eee7f00e2775ce6
67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
852bd154d3fd697f9e06150ea2c327fece2e97407567b62e7897e1b747467de2
890dd6cd51f98c1647dbc6fb80ed9a53fda8954cc1ec81030a0051cc43b29220
8e137d453ea90c5b03b906f0297bbdca1cd21899bcc4a3015b9e50ffdc98042b
94bcce2dcdfe55eae81799d99383931b61e8f41c957afebcdf9c69f85dbd3a23
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72
b2080c7184676b5deb2e1706384493bc73bb24ef52db259f45bd18208c7aeb8d
b7b2f9d0cf0c2d884e1051f858caed47482b1104edfc419e630598f2a2a073d4
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c34f720ad8770f232e3ece2ef003c9ca61ca1ac3a7235fd08043fd2150fa96e4
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cf88ccd744f9a0df18b3f08b098d56b95eb1502901a09d620413d96e095e7fd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8146bea29a3d1ec4f7ba4e8766995d62bfb8b71272eb7f5d0cad95b5e912503
f0a1b27af03cb2d37b20540e246d3534d6d6673e576ab78f99ac76132567dc9a
f20f18e2124e64b7f7cc6bbb73a0f8c8a034c9c3c35c1e9f4111ad3613d0c20a
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

www.payback.de Open in urlscan Pro 45.60.14.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

50 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

1133 kBTransfer

6041 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1133 kB
Transfer

6041 kB
Size

12
Cookies

33 HTTP transactions
1 data transactions