diff --git a/shop/models.py b/shop/models.py
index 927c858e..5440875c 100644
--- a/shop/models.py
+++ b/shop/models.py
@@ -244,8 +244,10 @@ class CoinifyAPIInvoice(CreatedUpdatedModel):
 
 
 class CoinifyCallback(CreatedUpdatedModel):
+    headers = JSONField()
     payload = JSONField()
     order = models.ForeignKey('shop.Order')
+    valid = models.BooleanField(default=False)
 
     def __str__(self):
         return 'callback at %s' % self.created
diff --git a/shop/views.py b/shop/views.py
index f98604b0..4f706684 100644
--- a/shop/views.py
+++ b/shop/views.py
@@ -368,12 +368,22 @@ class CoinifyCallbackView(SingleObjectMixin, View):
             settings.COINIFY_API_SECRET
         )
 
+        # make a dict with all HTTP_ headers
+        headerdict = {}
+        for key, value in request.META.iteritems():
+            if key[:5] == 'HTTP_':
+                headerdict[key[5:]] = value
+
+        # save callback to db
+        callbackobject = CoinifyCallback.objects.create(
+            headers=json.dumps(headerdict),
+            payload=request.body,
+            order=self.get_object()
+        )
         if sdk.validate_callback(request.body, signature):
-            # callback is valid, save it to db
-            callbackobject = CoinifyCallback.objects.create(
-                payload=request.body,
-                order=self.get_object()
-            )
+            # mark callback as valid in db
+            callbackobject.valid=True
+            callbackobject.save()
 
             # parse json
             callbackjson = json.loads(request.body)
@@ -394,6 +404,7 @@ class CoinifyCallbackView(SingleObjectMixin, View):
             else:
                 HttpResponseBadRequest('unsupported event')
         else:
+            print "invalid callback detected"
             HttpResponseBadRequest('something is fucky')