pension-refund-germany.de Open in urlscan Pro
172.67.154.11  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response pension-refund-germany.de/	115 KB 28 KB	130ms 71ms	Document text/html	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41a988c71b643053ebee0b05fcb6bc545fcfc1ffb3f6e37638f1b3ca30445096 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers age 0 alt-svc h3=":443"; ma=86400 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 8a06ea152f21905e-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 09 Jul 2024 08:23:51 GMT expires Tue, 09 Jul 2024 08:23:51 GMT last-modified Mon, 08 Jul 2024 21:37:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fu6kXEFIch1NvW8uMqMlsEoaerx8UvvF%2BkYURAeX6m4w00Bl%2FDMng15ZT1aXkS%2FdBuyY8d1THE%2Bn%2FoPJC6bxflxArD1zym0Ds%2F8vi898flkSDS0dvJ514%2BZjy2R4FxVaamEY7WUoTFAfdX2P"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-cache HIT
GET H3	200	u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2 pension-refund-germany.de/wp-content/uploads/blocksy/local-google-fonts/s/merriweather/v30/	12 KB 13 KB	73ms 73ms	Font application/font-woff2	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/uploads/blocksy/local-google-fonts/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129 Request headers Referer https://pension-refund-germany.de/ Origin https://pension-refund-germany.de User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:51 GMT cf-cache-status MISS last-modified Thu, 23 May 2024 20:57:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "664fadb1-31ec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRT8nnc107Xa5PhpNomJVgYfSDVSFjvHvIx8RxDLvbFAWsL8lIFxl6KjEotMNzxtWdD9fkF0TGn7dytPnMli1kemMRJ2kLdwR1PLkrf%2B38GSu04YcKeLUycaqLIBzXDkqneD8XmftKaexy%2BM"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 cache-control public, max-age=2592000 accept-ranges bytes cf-ray 8a06ea15af91905e-FRA alt-svc h3=":443"; ma=86400 content-length 12780
GET H3	200	jquery.min.js Show response pension-refund-germany.de/wp-includes/js/jquery/	86 KB 30 KB	230ms 230ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 12 Mar 2024 13:14:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65f0551b-15601" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XevRjWXngWxHrBpdnIikhbQnf4sbsHaqTx47HIZ%2BmY214o04LZXuxiGUgsOa8%2B0qnzU5zrmTGlYca3J%2B355FyQv2MW5gF7fLVSnHUAWWzdQ5hFXDNgmk%2BD%2B%2BNUqfaiSDVnXCCvdIL9zd55oD"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfc6905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	jquery-migrate.min.js Show response pension-refund-germany.de/wp-includes/js/jquery/	13 KB 5 KB	144ms 143ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 12 Mar 2024 13:14:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65f0551b-3509" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nng17ycBWmFA27pYWmLvuyJipTeStzvRXsVT0AGEWrOFzDx6DLtcaN464Dp%2FoVkZlPpzzt4GibX0ykI7qqDYKWgKaj0jNh9Id6qPP8xmihP5e81iqwbYX62Bp4UL9qzss010Jz9wLYGerKzj"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfca905e-FRA alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	307 KB 102 KB	144ms 67ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GT-5DHTPWW7 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7663d78033d24e652644eedcd6b634474384b179193ca16d65634d0f373be5f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104178 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 09 Jul 2024 08:23:52 GMT
GET H3	200	prg-logo.svg pension-refund-germany.de/wp-content/uploads/2024/04/	4 KB 2 KB	266ms 266ms	Image image/svg+xml	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pension-refund-germany.de/wp-content/uploads/2024/04/prg-logo.svg Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6b8603a4ae7ea601be454a8ab8c3f0d32e35b43a19bdc779634c2cb1871bb73 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 22 May 2024 18:04:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"664e33b5-e56" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBVprYcxfHXp6C5%2FxT9%2Fw%2BU49NrRh%2BlHJUlyixv1usX0QgfhlrA3Wbae18IY%2B421Szqg9n1Jt%2B3WvDrQ7loHuroc9ksy2yWUm9XE4rRdcVYCVgRpiixLeGF90Bvqeiz9WO773X8SEIhnPZnk"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=2592000 cf-ray 8a06ea15dfcb905e-FRA alt-svc h3=":443"; ma=86400
GET H2	200	index.php Show response mtm.pension-refund-germany.de/js/	66 KB 22 KB	349ms 273ms	Script application/javascript	2606:4700:3037::6815:43d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mtm.pension-refund-germany.de/js/index.php Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:43d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 x-cache MISS content-disposition inline; filename=matomo.js alt-svc h3=":443"; ma=86400 content-length 21925 last-modified Wed, 29 May 2024 09:16:47 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40FgJQ0%2Fhcy1ZxhN1vgE7ezsJBYR4wfyyM4L%2F6bcO2pnCUCMXXm3fcj1ZLNJ0BJ0U1K5kXAZwqzewQCoDm3%2FLsjRqlGYc5SAm305gcr4L2%2BkhzraNjLm29Jz1aHkwL%2BP%2F47KAFC%2BExRnlDnOzddWlFlDX1GqRGMQ%2FIpxJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, must-revalidate accept-ranges bytes cf-ray 8a06ea1648169bfe-FRA expires Fri, 19 Jul 2024 08:23:52 GMT
GET H3	200	smooth_scroll.min.js Show response pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/assets/js/	1 KB 993 B	146ms 146ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.67.1 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1554e57ad67200bf6066313379d3af16d3c79870526575e0b12f92fba9cfb69b Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3bb-49d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk01l2dqE5KQNNgMrsEb33fd26AcaWSACVtnnm%2B2SrCIDzwaPpKPN8mz7U1MFPUemaWN1Wvo35EymXatnCz09c32a%2FUo45kndZ9QKYMkHNX8bOYuMAge7s7HHac7qoIkGxaS8k%2FbRyzWbuC1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfcd905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	js.cookie.min.js Show response pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/	2 KB 2 KB	183ms 182ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3bb-9ee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RH0dYVOhSepGCUuwhxnwvbWpmimpsXJ8oA2wJGqSa9oYWKqeBFJjOtjSAOpalUM%2FkUqDM%2FvmG5d8qX57ghNALoEzGVE5S%2FM%2BJX%2B0tadsF1iwPJ2ONOkBZ2dqxFse9SNaBSh4jd6SpVtfVef8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfcf905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	jquery.sticky-kit.min.js Show response pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/	3 KB 2 KB	267ms 267ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3bb-b5b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKqkY8GrqaySbFqEA%2Fx9RV26FlxhwSmJJ2j1EZR36ynC%2BceKwIVZtgwOk9b2683oRmM%2BRSWEp4UhTZdtTEccBQ8xZ6xYiH9A%2BcDqs9hfkquL7MI9u4BY3qLHxoXlhPI4djTZ4Sya2HoVirPY"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfd0905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	front.min.js Show response pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/assets/js/	4 KB 2 KB	266ms 266ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.67.1-1718793147 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f9c7e30783afb8da77a4a574dab1ea477ed2c3581ea12ed07d1117cea412fb0 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3bb-f8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqBMCI44DA1SyREHOA6luhi6i4kA6FRX8f7R0%2BIwHyLPHc4vOezMrl9atHKF9tLskPcOQE94Tpv8xyJoyciGDuuSubdzJR0MD9zyaVBlkqhsyc4wZRRANJ5ClmvmAFVdIqu24PFGo1u2EDr5"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfd3905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main.js Show response pension-refund-germany.de/wp-content/themes/blocksy/static/bundle/	31 KB 9 KB	266ms 266ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.57 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7481eb042b5dc40dae70d49a616915d9c00ba643e8672943c0b220de08af989d Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 04 Jul 2024 03:10:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6686129c-7a02" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ar%2F3vICczoEz%2BZ01mutSnZ9CvdJvLU185gIKPbBlAvC%2Fw0BPy020UZqkYxOUFE2d03zkEmBaYshOevztm17sLZPbedhMhahL9T3ROFL5bFPgkzrfm4oa4TvHwV5IPTpCw0NjLtEZDJyOZ3Sc"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfd4905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	lazyload.min.js Show response pension-refund-germany.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/	9 KB 3 KB	265ms 265ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 23 May 2024 19:44:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"664f9c91-22bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAiMMDmjT3lNMvAMYJ92PMIugA%2BOq6RyXk%2FbZw3Md6RwQDgbjl1P2oe%2FitbB5F%2FT%2FuWDfMXHcgjOA7soVzc6Kwzl63vKQcFjk3FnyGEAoteAjGECkK6SX024L6BGbo5lV3Qd41K%2FQQ3gRAo6"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea15dfd6905e-FRA alt-svc h3=":443"; ma=86400
POST H2	204	collect region1.google-analytics.com/g/	0 0	90ms 35ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-ZH2WVR3WT0&gtm=45Pe4730v9185963043za200&_p=1720513431962&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZTNiMT&cid=544970502.1720513432&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720513432&sct=1&seg=0&dl=https%3A%2F%2Fpension-refund-germany.de%2F&dt=Pension%20Refund%20Germany%20-%20Pension%20Refund%20Germany&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=428&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GT-5DHTPWW7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 09 Jul 2024 08:23:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pension-refund-germany.de cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	read-progress.js Show response pension-refund-germany.de/wp-content/plugins/blocksy-companion-pro/framework/premium/extensions/post-types-extra/static/bundle/	570 B 835 B	65ms 65ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/blocksy-companion-pro/framework/premium/extensions/post-types-extra/static/bundle/read-progress.js?ver=2.0.57 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.57 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e71fb80cd0e17a8976025db7f32b5d2005fabbec9b77b64b3775837646333d1 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3b3-23a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYx6ceXdmixd%2BXjWrhG6nxyDXdAHnrz3jhT4CA62dhwyQByJhVsINJG7M1iKFbKEBjOKA2HhTNPGxQfMiaO1txNpNTL3Vg%2FuwPT8y2vWZ7aQyBDXqqDx7PPUeepBNLqeDQdlkCWcoBESUHOw"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea17a9c3905e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	sticky.js Show response pension-refund-germany.de/wp-content/plugins/blocksy-companion-pro/static/bundle/	12 KB 4 KB	70ms 70ms	Script application/javascript	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.57 Requested by Host: pension-refund-germany.de URL: https://pension-refund-germany.de/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.57 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 19 Jun 2024 10:32:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6672b3b3-2ee4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LU7pxZfG%2BTkLIZFF3nE0Rortucm%2FmcoFAwoz2FD8MILP3NveoJYNIVwQ7%2FgUErbjlKeqjcjfTzUgOk9%2BFHiTUsLtdlOgmLSw7wp8yCRbrg%2BZXrxUm8NQTz2OjaenRqc%2FKH16OAN7euYlKvKI"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 8a06ea17a9c5905e-FRA alt-svc h3=":443"; ma=86400
POST H2	204	index.php mtm.pension-refund-germany.de/js/	0 337 B	410ms 409ms	Ping text/plain	2606:4700:3037::6815:43d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mtm.pension-refund-germany.de/js/index.php?action_name=Pension%20Refund%20Germany%20-%20Pension%20Refund%20Germany&idsite=14&rec=1&r=749148&h=10&m=23&s=52&url=https%3A%2F%2Fpension-refund-germany.de%2F&_id=2e6f9283c52ce034&_idn=1&send_image=0&_refts=0&pv_id=kJb8IO&pf_net=60&pf_srv=69&pf_tfr=37&pf_dm1=37&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: mtm.pension-refund-germany.de URL: https://mtm.pension-refund-germany.de/js/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:43d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Tue, 09 Jul 2024 08:23:52 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 x-cache MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTfyEqM86ic4GZUpWGrkQc2E6QpkjQvUiRpBGmVxPmKxY%2BqIP%2F%2Bu%2BEbOCxucYvGp0fkJpqrCwzNKhTCkbP8xGWfAUFAbq%2F78xIyZAemDcQCeN2oeV5qIimDe%2F4sCEOFefElncZUVahwVyX6iv5rwnfD1G%2BHsiJ2CnauCdg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://pension-refund-germany.de access-control-allow-credentials true cf-ray 8a06ea181a7a9bfe-FRA alt-svc h3=":443"; ma=86400
GET H3	200	prg-icon.svg pension-refund-germany.de/wp-content/uploads/2024/04/	723 B 884 B	80ms 80ms	Other image/svg+xml	172.67.154.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pension-refund-germany.de/wp-content/uploads/2024/04/prg-icon.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33a7c873945731b6251ea759db4ec2593b194d9c521ffeab816243700f67d2e0 Request headers Referer https://pension-refund-germany.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 08:23:52 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 22 May 2024 18:04:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"664e33b7-2d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWKN91iGo4nHrkOc0lniYqa5FebZbIiUYrMcSFtk%2FnciGjK3dvzYeeG8wNNe6%2F3wlXMXZnQGk5r%2FMvK%2BOhThb1uVLRxqKZkIVawj%2BtiocU2%2F3vbnndYBcWvKCFZYdv0dvv%2BHyekXseRkj%2FkC"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=2592000 cf-ray 8a06ea181a2a905e-FRA alt-svc h3=":443"; ma=86400

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| _paq object| eztoc_smooth_local object| ezTOC function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| rocket_lazyload_css_data object| ct_localizations object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| jQuery function| Cookies object| blocksyJsonP object| ctEvents object| ctFrontend function| LazyLoad object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pension-refund-germany.de/	1970-01-21 07:31:13	Name: _ga_ZH2WVR3WT0 Value: GS1.1.1720513432.1.0.1720513432.0.0.0
			.pension-refund-germany.de/	1970-01-21 07:31:13	Name: _ga Value: GA1.1.544970502.1720513432
			pension-refund-germany.de/	1970-01-20 21:55:15	Name: gp_easy_passthrough_session Value: feb0ee8e5c4b0917fa515b261b37199c||1720476433||1720476073
			pension-refund-germany.de/	1970-01-21 07:21:08	Name: _pk_id.14.c126 Value: 2e6f9283c52ce034.1720513432.
			pension-refund-germany.de/	1970-01-20 21:55:15	Name: _pk_ses.14.c126 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mtm.pension-refund-germany.de
pension-refund-germany.de
region1.google-analytics.com
www.googletagmanager.com
172.67.154.11
2001:4860:4802:34::36
2606:4700:3037::6815:43d
2a00:1450:4001:800::2008
1554e57ad67200bf6066313379d3af16d3c79870526575e0b12f92fba9cfb69b
33a7c873945731b6251ea759db4ec2593b194d9c521ffeab816243700f67d2e0
41a988c71b643053ebee0b05fcb6bc545fcfc1ffb3f6e37638f1b3ca30445096
45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac
6e71fb80cd0e17a8976025db7f32b5d2005fabbec9b77b64b3775837646333d1
7481eb042b5dc40dae70d49a616915d9c00ba643e8672943c0b220de08af989d
7663d78033d24e652644eedcd6b634474384b179193ca16d65634d0f373be5f0
7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129
8f9c7e30783afb8da77a4a574dab1ea477ed2c3581ea12ed07d1117cea412fb0
c6b8603a4ae7ea601be454a8ab8c3f0d32e35b43a19bdc779634c2cb1871bb73
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a