indexo.dev

payback.de

.de crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 6975 ms crawled 2026-05-19

US · 45.60.14.82 · AS19551 Incapsula Inc

Reputation 100/100

Classifying

HTML metadata

Title
PAYBACK Bonusprogramm » °Punkten + Coupons + Aktionen
Description
Entdecke im PAYBACK Bonusprogramm einzigartige Angebote : ✔bei rund 700 Partnern °Punkte sammeln ✔Coupons einlösen ✔attraktive Prämien sichern
Language
de-DE

Technology

Server
nginx
CMS
Next.js
Cookie consent
  • OneTrust

Third-party hosts loaded (1)

  • cdn.cookielaw.org×2

Social

Registration

Updated
2020-03-31
Name servers
  • doug.ns.cloudflare.com.
  • ulla.ns.cloudflare.com.

DNS records live

NS
  • doug.ns.cloudflare.com
  • ulla.ns.cloudflare.com
MX
  • 10 mx.noris.de
  • 10 mx.noris.net
  • 42 fakemx.noris.net
TXT
  • google-site-verification=lKr2D4H-0hH0MbqJXRkPVcVU1DrNXwgX5hX5iVJNBQE
  • _7uq6oxg0qflxulpgwlrxva6dtxryzmj
  • _dmvad5lghij6jv5idzyrvil68eghe3l

Email authentication strong

SPF
v=spf1 ip4:213.155.95.180 ip4:185.124.16.48/28 include:ramses._spf.elaine-asp.de include:spf.qb-feedback.com include:pbspf.transact-gmbh.de include:_spf.xqueue.com a:postmaster-nav-cloud.ncag.ch include:c.spf.service-now.com -all
strict (-all)
DMARC
v=DMARC1;p=reject;rua=mailto:dmarc@payback.net;adkim=s;aspf=r;rf=afrf;pct=100
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2
from 2025-05-13 to 2026-06-14
Expires in 25 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.payback.de/

present
  • strict-transport-security
  • content-security-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; frame-src 'self' *.payback.de/ *.payback-panel.de/ https://www.youtube.com https://www.youtube-nocookie.com https://challenges.cloudflare.com/; style-src 'self' 'unsafe-inline'; connect-src 'self' https://cdn.cookielaw.org https://geolocation.onetrust.com https://paybackgroup-privacy.my.onetrust.com https://smetrics.payback.de; img-src 'self' https://cms-api.pww-web-prod.pbext.io https://www.payback.de/res/mam/1/ https://checkout.payback.de/pub/media/ https://cdn.payback.cloud/ https://products.dm-static.com/ https://media.dm-static.com/ https://res.cloudinary.com/dmassets-rls/ https://betterplace-assets.betterplace.org/ *.payback.de/ https://staging-assets.bp42.com/ https://cdn-nonprod.payback.cloud/ https://cms-api.pww-web-nonprod.pbext.io https://checkout.tst1.pb-nonprod.de/pub/media/ https://cdn.cookielaw.org https://smetrics.payback.de https://widgets.trustedshops.com/ https://c1.adform.net/ https://track.adform.net/ blob: data:; font-src 'self'; object-src 'no
strict-transport-security
max-age=2592000

Links to (3)

Linked from (13)