www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsletter6.payback.de/go/1/3ZDVNMDR-3Z5BAJE2-3Z5BAJRN-89R1BZO.html
Effective URL:
https://www.payback.de/app
Submission Tags: falconsandbox
Submission: On January 18 via api (January 18th 2022, 11:15:13 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 53 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is www.payback.de. The Cisco Umbrella rank of the primary domain is 78491.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 20th 2021. Valid for: a year.

This is the only time www.payback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.169.180.252 193.169.180.252	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
1 45	45.60.14.82 45.60.14.82	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	5

1 193.169.180.252 (Germany) 1 redirects

ASN48173 (UNBELIEVABLE-AS, DE)
PTR: srv2.de

newsletter6.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 45.60.14.82 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

m.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.payback.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	payback.de 2 redirects newsletter6.payback.de — Cisco Umbrella Rank: 554262 m.payback.de www.payback.de — Cisco Umbrella Rank: 78491	3 MB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 496	129 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 743	457 B
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
53	5

	Domain	Requested by
44	www.payback.de	www.payback.de
6	cdn.cookielaw.org	www.payback.de cdn.cookielaw.org
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.payback.de
1	m.payback.de	1 redirects
1	newsletter6.payback.de	1 redirects
53	7

This site contains links to these domains. Also see Links.

Domain
m.payback.de
play.google.com
itunes.apple.com
www.facebook.com
www.trustedshops.de
tuev-saar.de
www.payback.group
www.onetrust.com

Subject Issuer	Validity	Valid
www.payback.de DigiCert SHA2 Extended Validation Server CA	`2021-07-20` - `2022-07-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.payback.de/app
Frame ID: 46F0CEDB9B025A818ED558A5A5095B8A
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

• Die PAYBACK App • »mein persönlicher Shopping Assistent«Back ButtonFilter Button

Page URL History Show full URLs

http://newsletter6.payback.de/go/1/3ZDVNMDR-3Z5BAJE2-3Z5BAJRN-89R1BZO.html HTTP 302
https://m.payback.de/payback/content/lp/?tracker=r0t8v5_ddyzzy&deeplink=pbmobil%3A%2F%2Ffeed&nlci... HTTP 301
https://www.payback.de/app Page URL

Detected technologies

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

53
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

2739 kB
Transfer

7529 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://m.payback.de/payback/content/lp/?tracker=n1ll1n_fsyx2u&deeplink=pbmobil%253A%252F%252Ffeed&campaign=normal
Title: Zur App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=de.payback.client.android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/de/app/payback-karte-coupons-geld/id363126964

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PAYBACK.Deutschland

Search URL Search Domain Scan URL

URL: https://www.trustedshops.de/shop/certificate.php?shop_id=X378FA6FDE903D2783D081A33BA4F164F

Search URL Search Domain Scan URL

URL: https://tuev-saar.de/payback

Search URL Search Domain Scan URL

URL: https://www.payback.group/de/karriere/
Title: Arbeiten bei PAYBACK

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsletter6.payback.de/go/1/3ZDVNMDR-3Z5BAJE2-3Z5BAJRN-89R1BZO.html HTTP 302
https://m.payback.de/payback/content/lp/?tracker=r0t8v5_ddyzzy&deeplink=pbmobil%3A%2F%2Ffeed&nlcid=50_20187_063&TrID=580070 HTTP 301
https://www.payback.de/app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request app Show response
www.payback.de/
Redirect Chain

http://newsletter6.payback.de/go/1/3ZDVNMDR-3Z5BAJE2-3Z5BAJRN-89R1BZO.html
https://m.payback.de/payback/content/lp/?tracker=r0t8v5_ddyzzy&deeplink=pbmobil%3A%2F%2Ffeed&nlcid=50_20187_063&TrID=580070
https://www.payback.de/app

86 KB
16 KB

174ms
101ms

Document
text/html

45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

086357a80bfb982bfca170b2c43fc69f15a305c7d50139009ce71f55c38131de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 18 Jan 2022 11:15:08 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Security-Policy: frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors *.payback.de
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Strict-Transport-Security: max-age=2592000
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=0
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Language: de
X-Request-ID: f603bfec-366c-43bb-b337-750e1abfafc0
X-CDN: Imperva
X-Iinfo: 14-136077350-136064863 PNNy RT(1642504507954 28) q(0 0 0 1) r(1 1) U5

Redirect headers

Date: Tue, 18 Jan 2022 11:15:08 GMT
Server: Apache
X-Powered-By: PHP/7.2.24
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.payback.de/app
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-CDN: Imperva
X-Iinfo: 5-65454830-65454836 NNNY CT(5 864 0) RT(1642504507844 34) q(0 0 0 0) r(0 0) U5

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 135ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 10:55:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 11:15:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 11:15:09 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 106ms
72ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IVhKS9vCZ6N2xbLKU0Dl/w==
age: 1116
vary: Accept-Encoding
content-length: 6456
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jan 2022 03:31:35 GMT
server: cloudflare
etag: 0x8D9DA3307CEA0BD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8a6b1cd7-f01e-0061-103a-0c9c39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675d48452bad-FRA
expires: Tue, 18 Jan 2022 15:15:09 GMT

GET
H/1.1 200 pb-runtime-loader.js Show response
www.payback.de/blueberry/static/ui-core/1.470.0/one/ 60 KB
17 KB 44ms
43ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/one/pb-runtime-loader.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ec07af4a0df08b6d374c511a2ccc69757d3ba569e8f0b73f7487adbd045d2932

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 14-136077350-136064863 SNNy RT(1642504507954 221) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: f77ee51a-08ad-4731-b6aa-3908fdb56f44
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"61923-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 01 Feb 2022 11:15:08 GMT

GET
H/1.1 200 pb-uicore.js Show response
www.payback.de/blueberry/static/ui-core/1.470.0/one/ 3 MB
668 KB 53ms
53ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/one/pb-uicore.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

553b69783cdda95c399a4e4bb9c864bfa64e111d467ba98f5d4bcccd5c9647ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 14-136077350-136064863 PNNy RT(1642504507954 363) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 046dcb4b-0f06-4d34-9aca-72e67168745f
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"3625430-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 01 Feb 2022 11:15:09 GMT

GET
H/1.1 200 ab-test-is-anonymous.js Show response
www.payback.de/resources/js/ 26 B
1 KB 81ms
54ms Script
text/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/resources/js/ab-test-is-anonymous.js

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-37039226-37026532 PNYN RT(1642504508183 13) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 31055134-352e-4ad2-800a-e6afa624a720
Pragma: no-cache
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Type: text/javascript;charset=ISO-8859-1
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb_logo--mobile-blue.svg
www.payback.de/blueberry/static/ui-core/1.470.0/assets/logos/ 5 KB
3 KB 56ms
29ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/assets/logos/pb_logo--mobile-blue.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 9-41627748-41601526 PNNy RT(1642504508326 17) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: eecbfad8-d4cb-41cc-bbfd-0c512af0f91d
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"4648-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Tue, 01 Feb 2022 11:15:09 GMT
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb_logo--desktop.svg
www.payback.de/blueberry/static/ui-core/1.470.0/assets/logos/ 9 KB
4 KB 72ms
42ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/assets/logos/pb_logo--desktop.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-37039251-37026532 PNNN RT(1642504508327 32) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 2e210eee-0651-41aa-8f9d-9b79cf4bb756
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"9142-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Expires: Tue, 01 Feb 2022 11:15:09 GMT
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 head-banner-img-resdata4.png
www.payback.de/resource/blob/151330/b8ce7d3e42bc1dcbb64b3e978a59c78e/ 34 KB
35 KB 60ms
29ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151330/b8ce7d3e42bc1dcbb64b3e978a59c78e/head-banner-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

c4765bc253d6da89284c87254b22acec8d4008bc4b5133cd3bed08f3b53fd270

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b8ce7d3e42bc1dcbb64b3e978a59c78e"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 PNNy RT(1642504508327 19) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 35026
X-XSS-Protection: 1; mode=block
X-Request-ID: 719bfa3a-8cdc-465e-97a7-efc8ee153fa5
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 head-bild-mobile-data.png
www.payback.de/resource/blob/151862/59a973de1997e87a9cc9743c79eecdd3/ 55 KB
55 KB 180ms
27ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151862/59a973de1997e87a9cc9743c79eecdd3/head-bild-mobile-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e49e0645a3381650b3091bb4ce96b5b105d61d0834843aa16bd22b114a5136ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "59a973de1997e87a9cc9743c79eecdd3"
X-CDN: Imperva
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 141) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 55833
X-XSS-Protection: 1; mode=block
X-Request-ID: d85a6226-2675-46e8-ba48-0f2d9ef47e7d
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 loslegen-img-resdata4.png
www.payback.de/resource/blob/151348/7cfb65b990e430783887b55aa994dd94/ 47 KB
48 KB 114ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151348/7cfb65b990e430783887b55aa994dd94/loslegen-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e6a11cba260c74db2b13331859249b2eccdacbd8c9a659fcc5a48d0e76faec9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "7cfb65b990e430783887b55aa994dd94"
X-CDN: Imperva
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 111) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 48298
X-XSS-Protection: 1; mode=block
X-Request-ID: 558ea999-a480-4236-9635-172baf73b555
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de-DE
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 googleplayimg-data.png
www.payback.de/resource/blob/151636/c933ae83f3a8640c7f01c4a52e12b03b/ 5 KB
6 KB 105ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151636/c933ae83f3a8640c7f01c4a52e12b03b/googleplayimg-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

d181fdfb48360bd9770b36a17d87862db089b7fa85366e1340092355d16dae1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "c933ae83f3a8640c7f01c4a52e12b03b"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 SNNy RT(1642504508327 103) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 5026
X-XSS-Protection: 1; mode=block
X-Request-ID: 3c364dcf-b6ba-4f25-8977-d2b348041030
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 appstoreimg-data.png
www.payback.de/resource/blob/151632/b441d661bce94a5fc30171fbdd0188a2/ 3 KB
4 KB 131ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151632/b441d661bce94a5fc30171fbdd0188a2/appstoreimg-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

174d6b98a83a5c6053006c3697543afc796072c123b5b5f33133eb94e1c019b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b441d661bce94a5fc30171fbdd0188a2"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 SNNy RT(1642504508327 129) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 3322
X-XSS-Protection: 1; mode=block
X-Request-ID: 16eeecac-9531-48d0-9cdd-05882016e0f6
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-1-data.png
www.payback.de/resource/blob/151780/390f40f3c9d4ac5788ced25448826b76/ 115 KB
116 KB 28ms
28ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151780/390f40f3c9d4ac5788ced25448826b76/bild-1-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

4017b6a149ff83d9c2d35e56fea9809542182da31204faebe2dbed6a115a8aab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "390f40f3c9d4ac5788ced25448826b76"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 287) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 117716
X-XSS-Protection: 1; mode=block
X-Request-ID: e1290504-5336-4527-b93d-ce0437f61ee8
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-2-data.png
www.payback.de/resource/blob/151782/0015e776a4dd46646d368175f84e5385/ 78 KB
79 KB 27ms
27ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151782/0015e776a4dd46646d368175f84e5385/bild-2-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

0430f65b068f4d8666934af6e634b844bd68296b9a036d923fe8a8e71e94e40d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "0015e776a4dd46646d368175f84e5385"
X-CDN: Imperva
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 145) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 80239
X-XSS-Protection: 1; mode=block
X-Request-ID: 928608d9-ff41-4b32-81fe-4d1ae88959cc
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-3-data.png
www.payback.de/resource/blob/151784/2ff281a3ba504ee3a6b4ef8e6b40789e/ 101 KB
102 KB 25ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151784/2ff281a3ba504ee3a6b4ef8e6b40789e/bild-3-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

9a2a93215e4ae6ea9f5dc2213d9961f99348cee6c7ad88cee0318a23852b1951

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "2ff281a3ba504ee3a6b4ef8e6b40789e"
X-CDN: Imperva
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 151) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 103248
X-XSS-Protection: 1; mode=block
X-Request-ID: 69bff7f5-68f4-4ad4-ba42-b4fadf5be67b
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-4-data.png
www.payback.de/resource/blob/151786/9ce6656b92dbdf4d0e50e3eb20e21e4d/ 126 KB
127 KB 25ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151786/9ce6656b92dbdf4d0e50e3eb20e21e4d/bild-4-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

89457d4c167caed32d94e4b8cc4ef0d949080ce4aed34fd8ccb6a4cdd123b1df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9ce6656b92dbdf4d0e50e3eb20e21e4d"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 SNNy RT(1642504508327 156) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 129420
X-XSS-Protection: 1; mode=block
X-Request-ID: 430659f5-1645-4d9a-9a43-8c439a51f0c5
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-5-data.gif
www.payback.de/resource/blob/151788/bc07c57cf6f3fbc29df6a883eaf3bcb6/ 149 KB
150 KB 27ms
27ms Image
image/gif 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151788/bc07c57cf6f3fbc29df6a883eaf3bcb6/bild-5-data.gif

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

4a3a9afeb4055a537c8f1669076e138cfd3742b852218cf9531473c2edff3073

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "bc07c57cf6f3fbc29df6a883eaf3bcb6"
X-CDN: Imperva
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 174) q(0 1 1 -1) r(1 1) U5
Connection: keep-alive
Content-Length: 152766
X-XSS-Protection: 1; mode=block
X-Request-ID: 459f2420-1622-47c4-90b9-ae84f7495c8e
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/gif;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-6-data.png
www.payback.de/resource/blob/151792/ecf5d2f1ff6ddaa909c15d0c96831db3/ 103 KB
103 KB 28ms
28ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151792/ecf5d2f1ff6ddaa909c15d0c96831db3/bild-6-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

8739874fd5057959949fd8265487246c338de17655fb30069a2593f4d635416b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "ecf5d2f1ff6ddaa909c15d0c96831db3"
X-CDN: Imperva
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 176) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 105073
X-XSS-Protection: 1; mode=block
X-Request-ID: 17ebe5d5-3940-4b9a-8126-fc1cc6a95935
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 bild-7-data.png
www.payback.de/resource/blob/151794/b6eb1e384e66f2921cfae04ef3036450/ 77 KB
78 KB 25ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151794/b6eb1e384e66f2921cfae04ef3036450/bild-7-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

766ccbcddb46bf58b0beef3930baeef74d76999972f51d3a5442d64bfacf30cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b6eb1e384e66f2921cfae04ef3036450"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 328) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 79292
X-XSS-Protection: 1; mode=block
X-Request-ID: 8f71355f-fcd6-4878-adc1-9f841fd5669a
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 coupons-img-resdata4.png
www.payback.de/resource/blob/151440/9b1b53bb36e017e871fc4cf1fb3fe0b3/ 57 KB
58 KB 102ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151440/9b1b53bb36e017e871fc4cf1fb3fe0b3/coupons-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

8fac610c3d91784a039e3866d459d492b84e11ff33c15e1c6c843216ec149fe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9b1b53bb36e017e871fc4cf1fb3fe0b3"
X-CDN: Imperva
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 102) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 57998
X-XSS-Protection: 1; mode=block
X-Request-ID: 932b5bef-d880-434c-8d6a-e154f7be770f
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 punktestand-img-resdata4.png
www.payback.de/resource/blob/151532/b5d9cccf5c28aba913c0a42e2e77f089/ 38 KB
39 KB 65ms
28ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151532/b5d9cccf5c28aba913c0a42e2e77f089/punktestand-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

5c4a97f246c90b5a5564ffb0c229d735f187362b90247c4a6856f9ae7cebb610

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b5d9cccf5c28aba913c0a42e2e77f089"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 SNNy RT(1642504508327 60) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
Content-Length: 39104
X-XSS-Protection: 1; mode=block
X-Request-ID: 9a29b6ac-cc0d-46bb-abbb-a8dbdb91316a
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 mobile-karte-img-resdata4.png
www.payback.de/resource/blob/151456/b9c0fa53b7d9438c014573daf60f221b/ 52 KB
53 KB 64ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151456/b9c0fa53b7d9438c014573daf60f221b/mobile-karte-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

6ce728d93ba440416db4f9da250ab8b1c3ac7afee64511e18a9db76f73b78da2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b9c0fa53b7d9438c014573daf60f221b"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 207) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
Content-Length: 53093
X-XSS-Protection: 1; mode=block
X-Request-ID: f6e9094a-de3b-4380-b1dd-af9141e4c6ee
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 online-shopping-img-resdata4.png
www.payback.de/resource/blob/151480/be67a4f605260df5312781fb112268ad/ 57 KB
58 KB 63ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151480/be67a4f605260df5312781fb112268ad/online-shopping-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

3611b96347647a5003c543fed077f7405726960516de7e81db826ec3dd4549f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "be67a4f605260df5312781fb112268ad"
X-CDN: Imperva
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 60) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 58534
X-XSS-Protection: 1; mode=block
X-Request-ID: 74321a58-3ba7-4d38-a503-d94bcfd97300
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 check-in-img-resdata4.gif
www.payback.de/resource/blob/151538/acabcc7a9c923021065d66296e0eb377/ 43 KB
44 KB 115ms
25ms Image
image/gif 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151538/acabcc7a9c923021065d66296e0eb377/check-in-img-resdata4.gif

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

6996a924a451b8b0af0a967bff85a427a0d565b0a1c2c60a1ab2a1ac753848af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "acabcc7a9c923021065d66296e0eb377"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 258) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 44148
X-XSS-Protection: 1; mode=block
X-Request-ID: 63c5fd15-3ba2-4792-9ca7-f3990cb57491
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/gif;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pay-img-resdata4.png
www.payback.de/resource/blob/151548/23a098a2c01c5511146d02e09ee798c5/ 54 KB
55 KB 99ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151548/23a098a2c01c5511146d02e09ee798c5/pay-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e1c9df0a81e97670b71b2aa58c3abd1108a8217df46ba6f51028caec8d0513

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "23a098a2c01c5511146d02e09ee798c5"
X-CDN: Imperva
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 97) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 55656
X-XSS-Protection: 1; mode=block
X-Request-ID: fd03ff6d-0986-4100-b117-b0940d8c1d07
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 gewinnspiele-img-resdata4.png
www.payback.de/resource/blob/151554/450128d2434bbe76e3a30c37c89cbd5b/ 40 KB
41 KB 26ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151554/450128d2434bbe76e3a30c37c89cbd5b/gewinnspiele-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ead38a03d345cf8248f63698000bb23075c765d92db50547b420b4b1617c8aad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "450128d2434bbe76e3a30c37c89cbd5b"
X-CDN: Imperva
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 193) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 41334
X-XSS-Protection: 1; mode=block
X-Request-ID: 717c5a7a-df13-461b-b078-5a946e460f7c
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 services-img-li-resdata4.png
www.payback.de/resource/blob/151562/73fd0ad1c29ea7724722907a5d205e3f/ 47 KB
48 KB 26ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151562/73fd0ad1c29ea7724722907a5d205e3f/services-img-li-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

670da8d9f2973ba5c6207b66b920fbb0b03a698772c5d95b7603702a98b2c787

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "73fd0ad1c29ea7724722907a5d205e3f"
X-CDN: Imperva
X-Iinfo: 13-93823879-93812386 SNNy RT(1642504508327 194) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 47857
X-XSS-Protection: 1; mode=block
X-Request-ID: e204a316-7870-4cb9-8125-68e10b4b3e58
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 services-img-re-resdata4.png
www.payback.de/resource/blob/151572/44966eb0db487622256de795d079fc54/ 12 KB
13 KB 25ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151572/44966eb0db487622256de795d079fc54/services-img-re-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

ac47654f855371db59f41c09ee3c15b07bef8deaeeca5ded207944e5b550cd94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "44966eb0db487622256de795d079fc54"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 354) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 12340
X-XSS-Protection: 1; mode=block
X-Request-ID: 7f40c69f-940c-413b-97f0-9787176a925c
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 services-bild-mobile-data.png
www.payback.de/resource/blob/151860/0ff57ad0d60e7035418a714ee3b87e8a/ 48 KB
49 KB 27ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151860/0ff57ad0d60e7035418a714ee3b87e8a/services-bild-mobile-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

3c7061fa0b460d4c072ba1e0068ba701ee7c31334891a33f7c52714403e48773

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "0ff57ad0d60e7035418a714ee3b87e8a"
X-CDN: Imperva
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 216) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 49209
X-XSS-Protection: 1; mode=block
X-Request-ID: cea9361d-c836-467f-b09f-8c5e42703e62
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 freund-und-helfer-bild-mobile-data.png
www.payback.de/resource/blob/151868/9c041b3488d58cbe49e15ebd94c6e039/ 125 KB
126 KB 24ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151868/9c041b3488d58cbe49e15ebd94c6e039/freund-und-helfer-bild-mobile-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

45b934d25b261302fb2dcfc0734ac3382f8d0d5124df3495356652d00dc57b12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9c041b3488d58cbe49e15ebd94c6e039"
X-CDN: Imperva
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 214) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 128382
X-XSS-Protection: 1; mode=block
X-Request-ID: f4921c3c-a17c-4ff1-bee7-d4803f2f0e46
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 a-und-d-img-resdata4.png
www.payback.de/resource/blob/151578/9c041b3488d58cbe49e15ebd94c6e039/ 125 KB
126 KB 25ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151578/9c041b3488d58cbe49e15ebd94c6e039/a-und-d-img-resdata4.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

45b934d25b261302fb2dcfc0734ac3382f8d0d5124df3495356652d00dc57b12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9c041b3488d58cbe49e15ebd94c6e039"
X-CDN: Imperva
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 219) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 128382
X-XSS-Protection: 1; mode=block
X-Request-ID: aa6bdbfe-129d-4796-a03a-1336564f4c9c
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 googleplayimg-data.png
www.payback.de/resource/blob/151600/c933ae83f3a8640c7f01c4a52e12b03b/ 5 KB
6 KB 25ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151600/c933ae83f3a8640c7f01c4a52e12b03b/googleplayimg-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

d181fdfb48360bd9770b36a17d87862db089b7fa85366e1340092355d16dae1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "c933ae83f3a8640c7f01c4a52e12b03b"
X-CDN: Imperva
X-Iinfo: 13-93823879-93801436 PNNy RT(1642504508327 222) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 5026
X-XSS-Protection: 1; mode=block
X-Request-ID: 7bc562ae-bf95-42bd-a046-d20921bb2d12
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 appstoreimg-data.png
www.payback.de/resource/blob/151596/b441d661bce94a5fc30171fbdd0188a2/ 3 KB
4 KB 25ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/151596/b441d661bce94a5fc30171fbdd0188a2/appstoreimg-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

174d6b98a83a5c6053006c3697543afc796072c123b5b5f33133eb94e1c019b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "b441d661bce94a5fc30171fbdd0188a2"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 379) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 3322
X-XSS-Protection: 1; mode=block
X-Request-ID: 8193dab4-ce24-427a-a46a-1ebe978d2bc3
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: vi-VN
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 facebook-bild-data.jpg
www.payback.de/resource/blob/3364/f3027b613663d914967be8c31210a848/ 3 KB
4 KB 26ms
25ms Image
image/jpeg 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3364/f3027b613663d914967be8c31210a848/facebook-bild-data.jpg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

29823b0d418f705fa2d98365cafbcb850af6c9afd2e593d0dc3ac9990f3497a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-37039251-37026532 SNNN RT(1642504508327 242) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 06ad3090-c79f-47bc-8fe8-a17edf1efb6f
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"f3027b613663d914967be8c31210a848"
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: de
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Content-Type: image/jpeg;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 praemien-bild-data.jpg
www.payback.de/resource/blob/3378/211d0bb719bb0485bae52121a9fe84d8/ 5 KB
6 KB 41ms
41ms Image
image/jpeg 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3378/211d0bb719bb0485bae52121a9fe84d8/praemien-bild-data.jpg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

56ce899ef810c6652923230bbf8d13e7ac766c0f5a2c74a8fa19d0fc46d70e70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 244) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 2d157024-7c2f-4531-81b0-ad19710d6df9
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"211d0bb719bb0485bae52121a9fe84d8"
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Strict-Transport-Security: max-age=2592000
Content-Language: de
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Content-Type: image/jpeg;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 tuev-bild-data.png
www.payback.de/resource/blob/3384/4706d0ac3e37e47728b7a381813e819d/ 15 KB
16 KB 26ms
26ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3384/4706d0ac3e37e47728b7a381813e819d/tuev-bild-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

733a2518392f870ef93bd540993cbbc273aa176655e5c0dc84c78ba1e7e96a21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "4706d0ac3e37e47728b7a381813e819d"
X-CDN: Imperva
X-Iinfo: 13-93823879-93801436 SNNy RT(1642504508327 248) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 15830
X-XSS-Protection: 1; mode=block
X-Request-ID: 47337b13-33c6-481f-9e1b-1c3eff5d1441
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 pb-uicore.css
www.payback.de/blueberry/static/ui-core/1.470.0/one/ 1 MB
97 KB 28ms
27ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/one/pb-uicore.css

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

cd9419c6e300ef5849a5fad1b2ec16ff4b0d15d2433b76b63d4dc41682d27867

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 3-37039226-37026532 PNNN RT(1642504508183 96) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 03458502-4e37-4ece-898e-a69f3e827e22
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"1406753-499162500000"
vary: accept-encoding
Strict-Transport-Security: max-age=2592000
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 01 Feb 2022 11:15:09 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.payback.de/ 141 KB
20 KB 27ms
27ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=263557595
Requested by: Host: www.payback.de
URL: https://www.payback.de/app
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 42545b67aa5384c7dd0a3cefbfe171b65a4949c003cef7ae998c7dd161d7456d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 20333
Content-Type: application/javascript

GET
H2 200 b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/ 4 KB
2 KB 45ms
30ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/b5290c5c-415b-4c0b-a4e1-25f3f002e97a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11e3e179a0e3297dab2b46228c3fba574c9ac56aed242512eac20b9895fe92a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Tz7l2kIqNj9gNmjPCDPL+Q==
age: 214
vary: Accept-Encoding
content-length: 1438
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jan 2022 08:20:49 GMT
server: cloudflare
etag: 0x8D9DA5B6FA24303
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f482e42e-001e-0056-155c-0c3096000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675dda1c4e68-FRA
expires: Tue, 18 Jan 2022 15:15:09 GMT

GET
H/1.1 200 couponmail-image-data.png
www.payback.de/resource/blob/3392/9f347ab5bcca02b322db22a13c20c991/ 523 B
1 KB 37ms
30ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3392/9f347ab5bcca02b322db22a13c20c991/couponmail-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

c3a5e609d52b9875cce4a352b2470f47035f52863ce76b325c1bc9fd9954838c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "9f347ab5bcca02b322db22a13c20c991"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 PNNy RT(1642504508183 180) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 523
X-XSS-Protection: 1; mode=block
X-Request-ID: 0038c469-6166-4252-86b8-126946c7451e
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 hilfe-image-data.png
www.payback.de/resource/blob/3396/a1c5929c058736152c6bbb91fbaa9590/ 636 B
2 KB 76ms
24ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3396/a1c5929c058736152c6bbb91fbaa9590/hilfe-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

76ee1685be4e740cc6a15a7227e6ccba02aaef4993da3f14dd2a1581eb9da58f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "a1c5929c058736152c6bbb91fbaa9590"
X-CDN: Imperva
X-Iinfo: 9-41627747-41623588 SNNy RT(1642504508325 77) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 636
X-XSS-Protection: 1; mode=block
X-Request-ID: 2ac0248b-4d88-49f7-935c-4e5d5c4d579c
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 punktekonto-image-data.png
www.payback.de/resource/blob/3412/8d5e62a03b4ea19b012cb8251d3e0cb4/ 315 B
1 KB 46ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3412/8d5e62a03b4ea19b012cb8251d3e0cb4/punktekonto-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

0ca86d21e6be7e324a3d61012c2cc94e883f70576ff9a92e90a39a4905709e0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "8d5e62a03b4ea19b012cb8251d3e0cb4"
X-CDN: Imperva
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 44) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 315
X-XSS-Protection: 1; mode=block
X-Request-ID: 798a17f1-39da-4e11-9b88-3be2a762e147
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 login-image-data.png
www.payback.de/resource/blob/3400/dc922c9c7b2a52136667056d3a7a4182/ 508 B
1 KB 90ms
25ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/resource/blob/3400/dc922c9c7b2a52136667056d3a7a4182/login-image-data.png

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

28af9f6d171abee4a869c2d45de8d41f32dde9483add8c9aa1519f9587534d26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security: max-age=2592000
ETag: "dc922c9c7b2a52136667056d3a7a4182"
X-CDN: Imperva
X-Iinfo: 3-37039226-37028038 SNNy RT(1642504508183 232) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
Content-Length: 508
X-XSS-Protection: 1; mode=block
X-Request-ID: 8250f432-11ea-4cd6-a2d6-83dace3341e3
Server: nginx
Date: Tue, 18 Jan 2022 11:15:09 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: de
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Type: image/png;charset=UTF-8
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H/1.1 200 search--blue-10.svg
www.payback.de/blueberry/static/ui-core/1.470.0/one/assets/ 1 KB
2 KB 71ms
25ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/one/assets/search--blue-10.svg

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

9d3ab89e6e0710ba6383ec39b6edd572eefdcadd456d38a78e6324a285f61d94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.payback.de
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 9-41627748-41601526 SNNy RT(1642504508326 70) q(0 0 0 -1) r(1 1) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 4a52a585-e890-4944-926d-007dd1070478
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
X-Frame-Options: ALLOW-FROM https://www.payback.de
ETag: W/"1487-499162500000"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP: frame-ancestors https://*.payback.de
Expires: Tue, 01 Feb 2022 11:15:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 124ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.payback.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 336187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:52:02 GMT

GET
H/1.1 200 payback_light-webfont.woff
www.payback.de/blueberry/static/ui-core/1.470.0/one/fonts/ 82 KB
82 KB 40ms
26ms Font
application/font-woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.de/blueberry/static/ui-core/1.470.0/one/fonts/payback_light-webfont.woff

Requested by

Host: www.payback.de
URL: https://www.payback.de/app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.payback.de/app
Origin: https://www.payback.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 11:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 9-41627747-41623588 PNYy RT(1642504508325 14) q(0 0 0 -1) r(0 0) U5
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-ID: 0e54bc32-bb63-4ef9-84e1-0db9311f8b21
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: nginx
ETag: W/"83468-499162500000"
Strict-Transport-Security: max-age=2592000
Content-Type: application/font-woff;charset=UTF-8
Expires: Tue, 01 Feb 2022 11:15:09 GMT
Cache-Control: max-age=1209600, public
Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Accept-Ranges: bytes
X-WebKit-CSP: frame-ancestors https://*.payback.de
X-Content-Security-Policy: frame-ancestors https://*.payback.de; report-uri /blueberry/servlet/handler/cspreporting

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 49ms
30ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.payback.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cf7675e5f324e4f-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 27ms
26ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 7902458
vary: Accept-Encoding
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5562596-701e-0174-096c-c418f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675eec0a2bad-FRA

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/0cf5bcdd-3350-43aa-98ae-47cc3d37a896/ 94 KB
20 KB 25ms
25ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b5290c5c-415b-4c0b-a4e1-25f3f002e97a/0cf5bcdd-3350-43aa-98ae-47cc3d37a896/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c008556c48b373c7b4a6471999ca2eddce2774ba5a8289099a7173eb84ed438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ujRGQf0DjJtPJVViVFfYKA==
age: 214
vary: Accept-Encoding
content-length: 20728
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jan 2022 08:21:00 GMT
server: cloudflare
etag: 0x8D9DA5B75EA9575
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 43ed5ea5-a01e-0072-085c-0ca9d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675f3d7d4e68-FRA
expires: Tue, 18 Jan 2022 15:15:09 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 13 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 214
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:42 GMT
server: cloudflare
etag: 0x8D94112485FC2D3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4083e028-701e-0130-6bff-01c499000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675f9e854e68-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/ 46 KB
12 KB 44ms
43ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c2277b46c18e7ebfaaad7f923ee279d762089bc6e9162a118ac2281b643004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 94p9hKoPf3nMy9EdKS8ocg==
age: 214
vary: Accept-Encoding
content-length: 11893
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:45 GMT
server: cloudflare
etag: 0x8D9411249A88412
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f2ab6d57-b01e-00c7-7d7b-0ba427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cf7675f9e894e68-FRA

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.de/ 1 B
123 B 13ms
13ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payback.de/_Incapsula_Resource?SWKMTFSR=1&e=0.9932357068614757
Requested by: Host: www.payback.de
URL: https://www.payback.de/app
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.payback.de/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payback.de/	1970-01-20 09:00:36	Name: visid_incap_2275256 Value: LcRBwCA6TDSOzDAc+6OSAzuh5mEAAAAAQUIPAAAAAAA3NFzHHtpxbs0HKgl11c4Q
.payback.de/	1969-12-31 23:59:59	Name: incap_ses_729_2275256 Value: 8/l6CzbLWw4m4///J+4dCjuh5mEAAAAAI1fPeQ6RKGMOmRyClH+BiA==
www.payback.de/	1969-12-31 23:59:59	Name: JSESSIONID_BB Value: 8D08B1679EA1B578BF750CF81CD9C8FE
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_blueberry_cae_a Value: !zrwrE09LFaqyF6Ukm06NaELGyQI9G8xokk0uBDJFGIPz+S9aUewWS1hGY3IZkdB70E6tefafc0Zg5wc=
www.payback.de/	1969-12-31 23:59:59	Name: BIGipServerpool_pde_e3_lmsweb_httpd_a Value: !eZIXDhII1g0luIkkm06NaELGyQI9G1cb/fZuqSMtHrwzSI8PFg03Cvn//zTh2lzwtpPLCVecNdsHVA==
.payback.de/	1970-01-20 09:00:36	Name: visid_incap_860291 Value: iRSX7WSwT4iCP0o7XDmbejuh5mEAAAAAQUIPAAAAAADRuR/C4hbfqu4+JKGDnnxM
.payback.de/	1969-12-31 23:59:59	Name: incap_ses_729_860291 Value: IiilRIL8dzJi4///J+4dCjyh5mEAAAAAlRIJUNvXgy+INQgwFImfew==
www.payback.de/	1970-01-20 00:15:04	Name: ___utmvc Value: VNp8jnuWFNqg+lPlwXxS8P9Z24cfs6jNb19bk7oB0lIAs0xVAzM1Hkk8MAx59Mo6mx9iut5oHEMX2nhOdv2X0ePmKSi4jH0UrQDUZySDnFrZfBGbCseQ4H5w1+JoAMmARNyu0eQFpOv9ykxPRJ/WqApWMVmRfhvz21qyuy9YJ+E4x38ezktk4bQs5jpSFsz9OXK8zBLNNQn+JRMNigW8UXDx9nOTkS8gpNMSF3oaYx0ULAUx/fpv+UhCQEMz1TBG+pSFN3kmVXG5GC0ubb2uzAqoDvYgWSa91KOtDvGI12TEzJ0u7bOevOAF4/vct7B08OMZ1PMRxWKpK3kdWxUF4A2o7BWUo244N28V1KOcGj/pHAhRmoDUPQJjg0YyVcLG/I5xHi48HLXXCRmHZbFp/vxU0K9OSyIYrifxUdX/XS8ndRzKNH2KgyfpeXx7k5eRB4Fd2/Dc22PZ0i9ujH6AL5RjoN1LE8V8flCug+DJdFkyU2u/6Mv80Nz1hKNGaUiDdIj2OGizvJUbK1p8G7oXUS8pImvhp/3NoQfcBb57CbGL3xdC7GVkNXpyga4sOMYpskAWn3+Evc3VnV27CZxtsJxKDqbUe9a3Q4ARc/gJ4Dfi7RYykVkQX8qSDizxeeTlwjSbNUa49EBurrGTQRIPYYPRUCsgLpCaCLAYHxttmTE31+0Oa/1YGsrNcWTEJGYEuzuPjMMiaJTtvFTn0OFvvVbLzeY7Tqy/2iwkrq+v5oNLVBJ4d/jZPGiEJAbxYrNHnaiQ0iMppNFHGU/WjxtSWrk9DXIiI3lMWLHMWRedFXPedBaYqthoQZ+gzYF/OeNLbYee/FqWaCKP+5uqMksMmMDLGfrmaFcSdlT8RFKO2q2/vr4XKkaWxUVR9oZDh2ma/4hf4Mcfv7a4ppfd/6uX2vCbMPnW8f/JWJQ98kSu96rjv9SWEfhYNpX+h0g/LHOj9rMsyVfZLqK1IxjmqnK3q2b12XGstrHDj9sFGa3TZkJzy7WoKpuBOvdT27eWRqCHXwYaJRiqcSnCuxM4P8C6bPMops+qWfj1EIiWcF+NW4QeNba+m1R8zQKQyPxdMCP0vNUJdeqjh7V6CpuiOchB01Jest+tOWxpapGrh7EmYuCEOVOK2mp2wO5I1Kb6+6F/o63H6JNiyYRuP3iiTSvyiAZYHUXAu930NGI+ATGUtQuvpGGuILJAn6NmdwVGj3tCU2O5hSIp3jV31xVxl6K91C3ut6ZqVt9tjqzaFs5pi+G5sB6OMG5Sw7OMoFzNIti4RvtN4JEYbybNoIqxqx5jwPvwtxeGu9mXUVcjzuKWIAnQCZ0Te0QOQz5kSWftqVqeGGm8zvMIWehy25nUAQs5+I/8X+F/5y1Z3ph6YtQGcT9nV9DEZBUtJzOAMRb+7GRDUqNv1qgiFaNaj+BUdYRpSrKwpByPEdev/ogLZY+FhuD5Bpx8Us0IOUTYqjfQFOaV/pa8f4ZfzXxjsTfIhS/tiP35WZYvxW03D/jTT6fZcGpeW7fROJvVXAHb4P/1zJirETwxHw9sGCnhLUJvpGCTirXB6GuSjl0NGq3IpZJNnrYFNs8BTbCUHiB+iQkJXDNKaqSFt6YbiDvo5uqQ6kt0EpDOkej/LdF8dAByrgKG02MPHFKgIns/eNp+G78vVd67pxaBBUU5cWkxUXEDK7mebyFhYGAxLhk8q89Ylp1z+3Gnp5nLiO/bSEViLNNSm2+mti/UzfUGq2XGURPyNNhH0yqHv1t9ptzHc8+Aq02dpsBXmGufwCUuvjdHRmUmy6y+DlH6+hXGYuPoxUj9snJ4gz0CJGQLUjkyKgrr/u7fcOCItjWbxXLL0AEpzuTE2RJzBIMZ5Z0gPF9AqlnA0EZ1z+WxAdjeDZF66V3yEDLCZtSQy9Hgop8cou/Uevf2ziiBn3uD0ZemOIeudkma3oe2CvPGe8cy3uu5CbM9TDZLR793/b5cmMUVRNKeuGzG+YeH05YhyWMIuWUkFrXazl0pXImQtzur92+c4JzFhYPgKuMUToYKOfneZAPTLc1y8LrbjERzb1bEnNC8hEmTbqvDkvBEs5G/COFaITDGHXxAGcw9nQdZ8OeMx29VzJJVnVNQgkwC9JPwgRsICuHidEtgmdHde3D3yUg1JjlcVrvNt3r7QJ8R4KdaiKR9gErf+TzMdHtuzLDfLfei+1mLpLbGwTlvOPfFGwiK9xz39hIyUKNsCXVatSgyfjVc2elQ1mT1HeoWe4gP2I5aIdecg5Ce8+Tlbr0l+ceb9xIroVQUbrin4T6PjBrTEtIBQpZ4LrXgwIfZxGO3x1S1EPJXOFlBiUNiT/HbXkf1NU6JU0RqZIgqZHN17UzoLlilyADzEtGBiiAcW6zIplxMI/aRuMXZoib7zlChzi4EX1y0JyZ/B8zchCubkF+srcLwd63JVM4z9TdM7IJjkh4pMmm4DhMO+wtoEI9v3FmcJFdZzyz3ZD+zWAvH36B5f4I161ZQmCni0zs5EzHTdOjcXgpt/q5N+vVq7jVG0bFNUODHRjLk5MVqK3xp8BgZfQj6sd9nVTczMonailj1Q/uk6zM5PACZlIXPQSzmGz+5rCwXlYWmV4VpgcGxAVH2eU6e196gHNAUidK+bVOVqZXtC/FD4sXmiNOuzGy8fdcSwvvNZ6Sh6POEDRW7wt5ZQV+R2wD/wJrAVOXcq8DpeLqbLGRpZ2VzdD0xODQyNTYsMTg0NTgzLHM9NjFiMThkYTA3OWEwYTY4OThiYWQ5NjZhNjI4YWFkYTI5MzljN2E2MDY5YTU4NTk3NmVhYjY0YjE3ZGFiODhhZjc2NjlhNjhhODc3OTcwNmU=
.payback.de/	1970-01-20 09:00:40	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jan+18+2022+11%3A15%3A09+GMT%2B0000+(GMT)&version=6.20.0&isIABGlobal=false&hosts=&consentId=9baf128f-46da-4a2b-b6a3-552be10138ff&interactionCount=0&landingPath=https%3A%2F%2Fwww.payback.de%2Fapp&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security	max-age=2592000
X-Content-Security-Policy	frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
m.payback.de
newsletter6.payback.de
www.payback.de
193.169.180.252
2606:4700:10::6814:b844
2606:4700::6810:9440
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
45.60.14.82
0430f65b068f4d8666934af6e634b844bd68296b9a036d923fe8a8e71e94e40d
086357a80bfb982bfca170b2c43fc69f15a305c7d50139009ce71f55c38131de
0ca86d21e6be7e324a3d61012c2cc94e883f70576ff9a92e90a39a4905709e0e
11e3e179a0e3297dab2b46228c3fba574c9ac56aed242512eac20b9895fe92a7
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
146afe6abcee9660473fc99510bdbc2d41d84e7baebf1a6943bfcec449e84148
174d6b98a83a5c6053006c3697543afc796072c123b5b5f33133eb94e1c019b0
1d754872a908b87874f5cfdec3e59cb091bd9b053e00de0031c0da5424a28a82
28af9f6d171abee4a869c2d45de8d41f32dde9483add8c9aa1519f9587534d26
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
29823b0d418f705fa2d98365cafbcb850af6c9afd2e593d0dc3ac9990f3497a1
32c2277b46c18e7ebfaaad7f923ee279d762089bc6e9162a118ac2281b643004
3611b96347647a5003c543fed077f7405726960516de7e81db826ec3dd4549f0
3c008556c48b373c7b4a6471999ca2eddce2774ba5a8289099a7173eb84ed438
3c7061fa0b460d4c072ba1e0068ba701ee7c31334891a33f7c52714403e48773
4017b6a149ff83d9c2d35e56fea9809542182da31204faebe2dbed6a115a8aab
42545b67aa5384c7dd0a3cefbfe171b65a4949c003cef7ae998c7dd161d7456d
45b934d25b261302fb2dcfc0734ac3382f8d0d5124df3495356652d00dc57b12
4a3a9afeb4055a537c8f1669076e138cfd3742b852218cf9531473c2edff3073
553b69783cdda95c399a4e4bb9c864bfa64e111d467ba98f5d4bcccd5c9647ad
56ce899ef810c6652923230bbf8d13e7ac766c0f5a2c74a8fa19d0fc46d70e70
5c4a97f246c90b5a5564ffb0c229d735f187362b90247c4a6856f9ae7cebb610
670da8d9f2973ba5c6207b66b920fbb0b03a698772c5d95b7603702a98b2c787
67b9d3822a652a2879b0a50c8a2398045c5e8ca395786ce41cc6010ac2ada1f5
6996a924a451b8b0af0a967bff85a427a0d565b0a1c2c60a1ab2a1ac753848af
6ce728d93ba440416db4f9da250ab8b1c3ac7afee64511e18a9db76f73b78da2
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
733a2518392f870ef93bd540993cbbc273aa176655e5c0dc84c78ba1e7e96a21
766ccbcddb46bf58b0beef3930baeef74d76999972f51d3a5442d64bfacf30cb
76ee1685be4e740cc6a15a7227e6ccba02aaef4993da3f14dd2a1581eb9da58f
8739874fd5057959949fd8265487246c338de17655fb30069a2593f4d635416b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89457d4c167caed32d94e4b8cc4ef0d949080ce4aed34fd8ccb6a4cdd123b1df
8fac610c3d91784a039e3866d459d492b84e11ff33c15e1c6c843216ec149fe0
9a2a93215e4ae6ea9f5dc2213d9961f99348cee6c7ad88cee0318a23852b1951
9d3ab89e6e0710ba6383ec39b6edd572eefdcadd456d38a78e6324a285f61d94
a0e1c9df0a81e97670b71b2aa58c3abd1108a8217df46ba6f51028caec8d0513
a8e4eb24a21afb428b320c5eb32fcd5456456f05a26fc5c2b41de3bc77cb6b72
ac47654f855371db59f41c09ee3c15b07bef8deaeeca5ded207944e5b550cd94
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
c3a5e609d52b9875cce4a352b2470f47035f52863ce76b325c1bc9fd9954838c
c4765bc253d6da89284c87254b22acec8d4008bc4b5133cd3bed08f3b53fd270
cd9419c6e300ef5849a5fad1b2ec16ff4b0d15d2433b76b63d4dc41682d27867
d181fdfb48360bd9770b36a17d87862db089b7fa85366e1340092355d16dae1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49e0645a3381650b3091bb4ce96b5b105d61d0834843aa16bd22b114a5136ab
e6a11cba260c74db2b13331859249b2eccdacbd8c9a659fcc5a48d0e76faec9d
ead38a03d345cf8248f63698000bb23075c765d92db50547b420b4b1617c8aad
ec07af4a0df08b6d374c511a2ccc69757d3ba569e8f0b73f7487adbd045d2932
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www.payback.de Open in urlscan Pro 45.60.14.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

67 %IPv6

5 Domains

7 Subdomains

5 IPs

2 Countries

2739 kBTransfer

7529 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.payback.de Open in urlscan Pro
45.60.14.82 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

2739 kB
Transfer

7529 kB
Size

9
Cookies

53 HTTP transactions
0 data transactions