www.pentestpartners.com Open in urlscan Pro
2606:4700:20::681a:4c0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
Submission: On February 12 via api (February 12th 2024, 2:07:53 am UTC) from TR — Scanned from DE

Summary HTTP 95 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 95 HTTP transactions. The main IP is 2606:4700:20::681a:4c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pentestpartners.com.
TLS certificate: Issued by GTS CA 1P5 on January 13th 2024. Valid for: 3 months.

This is the only time www.pentestpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	2606:4700:20:... 2606:4700:20::681a:4c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
95	9

63 2606:4700:20::681a:4c0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pentestpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1fea (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	pentestpartners.com www.pentestpartners.com	15 MB
9	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3721	33 KB
8	gstatic.com fonts.gstatic.com	121 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	338 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2173	259 B
1	termly.io app.termly.io — Cisco Umbrella Rank: 17706	300 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 782	7 KB
95	8

	Domain	Requested by
63	www.pentestpartners.com	www.pentestpartners.com www.googletagmanager.com static.cloudflareinsights.com
9	static.addtoany.com	www.pentestpartners.com static.addtoany.com
8	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	www.pentestpartners.com www.googletagmanager.com
4	fonts.googleapis.com	www.pentestpartners.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.termly.io	www.pentestpartners.com
1	static.cloudflareinsights.com	www.pentestpartners.com
95	8

This site contains links to these domains. Also see Links.

Domain
mall.livall.com
en.wikipedia.org
www.aleck.io
www.addtoany.com
twitter.com
www.linkedin.com
www.youtube.com
www.crest-approved.org
www.ncsc.gov.uk
iasme.co.uk
www.pcisecuritystandards.org

Subject Issuer	Validity	Valid
pentestpartners.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static.addtoany.com E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
Frame ID: D4178C4FCCAB3EEBD33134383AE537B9
Requests: 93 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 31BEDA0DCF6252CC66E33DAF61B8098F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ski & bike helmets protect your head, not location or voice | Pen Test Partners

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

95
Requests

97 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

16180 kB
Transfer

18204 kB
Size

18
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://mall.livall.com/products/rs1?variant=47686801785141
Title: smart ski helmet from Livall

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Multi-directional_Impact_Protection_System
Title: MIPS

Search URL Search Domain Scan URL

URL: https://www.aleck.io/products/nunchucks
Title: Aleck smart helmet speakers

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.pentestpartners.com%2Fsecurity-blog%2Fski-bike-helmets-protect-your-head-not-location-or-voice%2F&title=Ski%20%26%20bike%20helmets%20protect%20your%20head%2C%20not%20location%20or%20voice
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/PentestPartners
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pen-test-partners
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2HCAhj6JiOsV_PcMFrjykw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.crest-approved.org/member_companies/pen-test-partners/

Search URL Search Domain Scan URL

URL: https://www.ncsc.gov.uk/organisations/pen-test-partners

Search URL Search Domain Scan URL

URL: https://iasme.co.uk/cyber-essentials/

Search URL Search Domain Scan URL

URL: https://www.pcisecuritystandards.org/assessors_and_solutions/qualified_security_assessors

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/ 76 KB
19 KB 344ms
325ms Document
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e7a9ecb92ebdc65d8058c8f1bf6a7a32d6e8a1ff288ba74bc88d200ee1d159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 854147b1ab4e1953-FRA
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 02:07:47 GMT
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
link: <https://www.pentestpartners.com/wp-json/>; rel="https://api.w.org/" <https://www.pentestpartners.com/wp-json/wp/v2/posts/28796>; rel="alternate"; type="application/json" <https://www.pentestpartners.com/?p=28796>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8TEE6uFrZy%2FelzpTQK8qD%2BY5I41EMQXY4vmE6VCkzUXhH48Br3IBFt7jxZjNb%2B%2Bvkamyu5Kc%2FxppDUBZnCq5s1QSGPjMf5lok2F7QPB0wkrTfrE1ux2441MSsNNEtU76WGrc%2ByljZUhWczXqstOITwcwEwU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-tec-api-origin: https://www.pentestpartners.com
x-tec-api-root: https://www.pentestpartners.com/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
755 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400,700

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02091afbd5c20fd828425c86a06ca87bd3d2dfc41c127f1987b8fd0796b8e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 02:07:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 02:07:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1010 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Serif+Pro

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47677f03d3b61fb9d543ccf115eede239446c305343132fb12d9882d15adcb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 02:07:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 02:07:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
688 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14b837e54b3fb5b03edb9ce6b6ccc4fc5837367dfb2018df7818066ba678e92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 02:07:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 02:07:47 GMT

GET
H2 200 style.css
www.pentestpartners.com/content/themes/pentestpartners2019/ 237 B
526 B 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/style.css

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be2e621c471e3a7999e544e35704f0531fe8981d78d74f94845eb18970e96480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Oct 2019 13:56:49 GMT
server: cloudflare
etag: W/"5db996a1-ed"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPHxwmtefNq%2FCMMDwu%2BY0UVNMZLpdwXWf%2B5GSyQz2rKLwqvUtCiO44OeRx62B42GhZVnO03Kb4KitgF3%2FvKTyWe%2Fp9lYkKOtMaImnHCl2wYRWvwENmlh3RZ1Vx5pXWNxmXpg%2Bs95ZXFx3AwnTv3zwuw%2Bk%2FPg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc5d1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.pentestpartners.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/wp-includes/css/dist/block-library/style.min.css?ver=c60c8245b0933a0f6a8601204b05f5f6

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Jan 2024 01:39:11 GMT
server: cloudflare
etag: W/"65b9a4bf-1ae43"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncPir8bGBLzesOd9z1x5RUqRFkE3u2HOVcgaAByb%2BUpumDV1kuLuKvnNcseLqrFCAhxsriYRrWahlzlX%2B7nuqDGYL1OPrd%2FNiVxbayMuRzGF1RvMLZBouWilpwkU1IfATHsZi2bmlFEg6%2BW6FCABLHOgDbqw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc5e1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.pentestpartners.com/content/plugins/rotatingtweets/css/ 3 KB
1 KB 41ms
39ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/rotatingtweets/css/style.css?ver=c60c8245b0933a0f6a8601204b05f5f6

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b78182d32bc1435404f2a75a1d882cf595b552ec57a0fd71eceec586da245f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 11:22:24 GMT
server: cloudflare
etag: W/"5f4f8070-c78"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1mXN5KSNtDiz193UbnNdw0Z1QwnFIexhkXq37%2BiJ6z4Duio7hgUqXRbaPOAFweIiTIx2%2BrIbiUMAlplumuxl71MUAMikGGUwTo5F%2B7NB6ftkq3rpmLovQy5YiMd5L%2B2lnUrZPscrh9al1W%2FHl5DJWydN%2BNT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc5f1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagenavi-css.css
www.pentestpartners.com/content/plugins/wp-pagenavi/ 374 B
548 B 42ms
40ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Aug 2023 10:20:03 GMT
server: cloudflare
etag: W/"64cb7f53-176"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic9865pEQZOoGzz9m1363x8AgaVXX3BmLf839kY2CzXuPwmI1DiHH0esN0KRL%2FXVRCGVbdRxss8dqzMylchQpxVjE4r8R%2FX%2FyZtkmvuXG3uXToaRDLwL9TxBaFTK1w0odJPDnXR4U78cDFV9UW1BuWXEsOjH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc611953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
www.pentestpartners.com/content/themes/pentestpartners2019/dist/ 323 KB
27 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/main.css?id=98fbd4c463348d03427e&ver=c60c8245b0933a0f6a8601204b05f5f6

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53a748a38dd7b2ef68c1fed3855274031859c644de087c4f6ffe62683aba87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Jul 2022 16:22:49 GMT
server: cloudflare
etag: W/"62d588d9-50af9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCXA0lugWiY3dwbsm8CBXUZ5EhyHO7GHPNvhFiyi5Y7kiEd9wYDiXWDn8BGoBiI5IfXFGoRuHZQGXp%2FbPeET3V18FqdGV19yu%2F1rEpvMXnNeUmFcQo546aN8JRZ1Na0t2qxWJ8bazflCvguTzTwlifK5Noj7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc621953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
www.pentestpartners.com/content/plugins/add-to-any/ 2 KB
851 B 44ms
43ms Stylesheet
text/css 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Jan 2024 10:57:33 GMT
server: cloudflare
etag: W/"65a50f9d-644"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5fCKK87Lu6g%2FXlBVB8p%2BLbzgglP05KqGC%2BMHu7Phgzl7cywr%2BrxZ8u32SCkuewL1RCfJrnOuBB6%2FPcxoimZgSz2g57bbfXDmTJqpibAJqockF5MnxpwzMzo86PW9mSZY2at1a6CQGmDeJXBBqOchRcde0RI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc631953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-ptp.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 32 KB
33 KB 49ms
48ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/logo-ptp.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0467b38acd64efd76a134423c52ab86ac0dfb76c9fea372db761fc480863a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 33172
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2019 09:07:52 GMT
server: cloudflare
etag: "5d63a168-8194"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoSizk0dICxIpCglq1%2FCUC0TRMMfkv5CY0n%2F16RBw%2BNUWbT7Hc4SKcQFFXe5kWGl7DNxiTC%2BQPL96ZGRxXrI3BG38s5dynOgvieHAA6tvoZzcJSDoISz1O1yPMZwOjeJ7LQMs4ZuIBAxa9VZC4OniK0Iw7eV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc651953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livallskihelment-headline.png
www.pentestpartners.com/content/uploads/2022/02/ 1 MB
1 MB 144ms
144ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livallskihelment-headline.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf81caed123d2f7e22e878084b40bb3febdf992cdfaa88ccb1458fee1ba9e5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1522178
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Feb 2024 12:15:27 GMT
server: cloudflare
etag: "65c222df-173a02"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7ZTPO4dN0CQy4kGITuBQVacAw6qxsQD11Vs8uL4wV5Y4%2FLvZ9KY0rhIQBSVr8DZV8y21zpfSeYnMQkK%2B0VU2FNYOMCXXXSy%2Bc0OXtQw%2FS914cs8dK8QmnT%2BMpxwkysBvYsj97cd1Y6ja1J8LwaPP7lnu%2FaF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc641953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livall-ski-helmet.png
www.pentestpartners.com/content/uploads/2022/02/ 2 MB
2 MB 100ms
100ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-ski-helmet.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9267f3d9f9cfba18421047aa31ca82acf48067feeef4c20393fe74a2c989e5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1661397
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:59:47 GMT
server: cloudflare
etag: "65c11403-1959d5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph77efeRYKf7%2F%2BntLwmxxJsDhnHbizxLA6ZH%2FToZM0egwGvsnp0UjBaX71Ch6kRwVMIlkYZnTyixUev0%2FnGkwa7FpYk%2FfJY2vl%2FjWfQsN0vnZE6kNrBfYYda%2Bfkooe0RTFY3vFn9s5%2F0thC79owikd1RO7PJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc661953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livall-bike-helmet-768x520.png
www.pentestpartners.com/content/uploads/2022/02/ 740 KB
741 KB 140ms
140ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-bike-helmet-768x520.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c54d88521652031ca116238b254db44d4722b4d7e474cdacbced406e531499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 757736
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:59:53 GMT
server: cloudflare
etag: "65c11409-b8fe8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDHjEcndJah6JAJ5GRzmcBw0sVFZK7hpXRSmuPX8Wsw13sNrbYcAo%2BuI0ckHBUNFKcosc2GqfA%2FNHxR85aep8vG9DUTOA6gVRyZJxQW9PR8xQ5ejDnptRnrVJDKVGZMr9d%2BEti0e3O2XXUpuVVqHHmwpftud"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc671953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic-alert.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 900 B
906 B 88ms
86ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-alert.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f0f497d838253b68170a374172e83bd88f57a0acf4ccd01fb9a3e5147698507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jan 2020 20:39:53 GMT
server: cloudflare
etag: W/"5e0e5519-384"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVqb2VlCG2b%2BdXUNpnwGjqDDAskYDKSeJlG9uSw9mLm9STm0XAAKMPKI847bzBzY77FEbYHdtX6xucDqFYL0unUlArtnCjvRVNiXdBbSW%2BET%2FKUyG2md1dCnWnh74exIFtuAdG2eg4PAw1znrkW%2Bvm0d2n13"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6a1953-FRA

GET
H2 200 ic-mobile-security.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 1 KB
2 KB 43ms
42ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-mobile-security.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3becb997288083db3873ce10c6f9fb24753c32c4887bf3c6cbc27ee64117a543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jan 2020 20:39:53 GMT
server: cloudflare
etag: W/"5e0e5519-542"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYD%2FiRzFsa0fNISMpDpIIHoPJrAUUHavN0nG%2BfuHd8B9h7ug%2BSHEcZJSKubRxsJPaFdlMcCsANslnlcJ5vfmDcVPeVA%2FE45VGfsvh3XIBaeB4NmeugSj95rmh6yXDwyubklZgB4cl1vlmm4iBfs4K2QYY1a2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6b1953-FRA

GET
H2 200 ic-social-engineering-grey.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 2 KB
1 KB 100ms
99ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-social-engineering-grey.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649d0e2bfb3815f99794e848610f10b674da5a6cf834a61908df7b09bc090474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2019 09:07:55 GMT
server: cloudflare
etag: W/"5d63a16b-837"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jp8gGbbL4CPY2jUIt3OPN45jx951U9jelrHaVTbjzR0BUCj1zwyxHxpaCm3ppKu9JuHQ8Ki6cuq9ponRmo8SoFR8tTQarNevUQm0UvDmPE2JrOc4IYsEXFPAXbJMyuJjo4eyx2rQ2m2WQx%2FY%2BPDNzoTRwIoV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6c1953-FRA

GET
H2 200 ic-webapp.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 2 KB
1 KB 136ms
134ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-webapp.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30567fee13782f7f85b88f02df6a8f04ece331201c35d9f94094e6a70980ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jan 2020 20:39:53 GMT
server: cloudflare
etag: W/"5e0e5519-750"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZjvkkQQ588kxs5i9VsPRRFR41MvfgP6yFBNxxNVihJQGoewlhzuQnOrln9BXXbZ%2Fxy1E9OeOUG3483cItqFDMLM8VrZr0l6d40r8SOD%2FqvFNYxbP12fVQ4v%2FJaUZ5rOW1W%2BPTwqiNKRcVOMYRdpjZyeRhOC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6d1953-FRA

GET
H2 200 ic-data-compliance-grey.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 3 KB
2 KB 135ms
133ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-data-compliance-grey.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d99b0d9dce1d34f63927731deed74f0aad66d1ebb0d9c638aa78c2a9ccc15d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jan 2020 20:39:53 GMT
server: cloudflare
etag: W/"5e0e5519-a22"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nRdx4mq%2Bx1YHCx4ndK3cdotmImauuN4Pz6rwsD%2Fib4it%2BAgsktZXjDH3f6sqHx05o7K0gzBMlGX1NfBUCRdzmWdBA1f9F%2BE3kh2JJcZfewqPYOIA5eDITQH2IMv4sHyFTZubC8mpPLa8x4iHxW3bfb7yHIC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6e1953-FRA

GET
H2 200 ic-papa-grey.svg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 2 KB
2 KB 97ms
96ms Image
image/svg+xml 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ic-papa-grey.svg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c231d59be5d6a806a4d10a27e3585d77a59b2bb6b97ab2463a0c272a5abd4f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jan 2020 20:39:53 GMT
server: cloudflare
etag: W/"5e0e5519-7ff"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nR2h1r4BjmMasNq4WCrdIe0f17Dpp8DUXfo%2FKkliN8p6MioQWOIGdZoek0OHZ7g0pOSuWc0Nn2r0Wq95Y%2FPIr%2BfImqpsqOhg9TvtUTUafg%2BopVKtIEx4aUqNVnz%2FFyWV62ZP17%2Bow42zYQcdYrBQewcMqtvh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b3cc6f1953-FRA

GET
H2 200 crest-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 8 KB
9 KB 91ms
90ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fef1425f7c30c212d094955d5b1aebe94138273040145a391e5002f3dedbc16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 8327
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-2087"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHtVek%2BryR6K5yHOxxU5qrCyiOK6wzXoLm2lzSZxv8E0lKztikP0GnciG%2FgrvrhjZNT714D6KQt7rzUMIxjFw2yCsMStTtFqoQrOfKb%2FTYxX%2Bp5lNf9V6XOz06lt%2BTnMRq8TjkciPwxGp9nFFPIVxD8LZH1S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc701953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 crest-pentest-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 5 KB
6 KB 93ms
92ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-pentest-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8afb283e11bc93a2522659f7a429b134f96c3a48e4c8d6c4a9b7d58cb94b150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 5404
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-151c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48xqrJyZbaXgUHZrtXL9W3sLwEeFhj76ywGky7DgHtz4iHZque5QOID5kSXq0rqwcrD0viCntjHw6FI9c8s2hxJ9ktBLly4nGL9TojK%2FbsBIXfbvwi60hTv67bNefIKYPRJ9tvXG9qdmmIywb509A2X1uevS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc711953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 crest-star-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 7 KB
8 KB 56ms
55ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-star-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7c37c9ae19c7fb39e7ae3005711178a8ce99470f2b1df4f17dfdde6e280fc18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 6909
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-1afd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRQNIyuMkefZCQxEY3kMVxzq2fLcWpxd%2BzDgdcWdM93MHQSh4qxrLKa7JFKyKKNahPUoXoI2xVXvXnLfYNvaNPlOcPXx1g%2BDGPBwAy5MbjCihBqQ6sdStMAps%2BnkSq01wu1IevF3mZGkVFgL38xOabivMKY0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc721953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 crest-star-fs-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 8 KB
8 KB 95ms
94ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-star-fs-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff263c3f74d55b225d06a4066de61509beaf633b616e30cfc1ad7ee74ad2ad56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 7838
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-1e9e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVDkoIx%2B9soh2AYehrhg0E9L3MlHF63Etm2l1en3IUZIrdsqhH%2FmaAjUvZr9rb7%2FPGpoAR2GDgQNqKsX%2F8M5euSlBrbdoHFbCfE5V0QdBVSJ%2BiwHUNY8SdGSZO87IYGmgjQeZZRXAmAfFGxPOLEJJRB%2B1%2F0E"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc731953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 csir-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 6 KB
6 KB 99ms
98ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/csir-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8e659b06cc24dd1cb0c895f64be36eb976324b03b142a0fa7d6a887e66c95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 5784
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-1698"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSnvLU4DV7uxoZ1QZac1jysDaR6brFJLS2%2BACFTw8A2RoFCrPqNWu9TmADycHrLBgpK0ljx0y%2BcKOfirVTLTBvHW0BWGklXDhK8AuzQv3Hp6DBdvYrT9oexID2QnunikW9qgXOFLpCnLuVy%2F5lfycYrIwzX8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc761953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 crest-ovs-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 8 KB
9 KB 98ms
97ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-ovs-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d093a8a3a08e3d649a559b72d015c3ad75e51d76d7957498939d7ad316ca02d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 8664
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Nov 2022 14:34:55 GMT
server: cloudflare
etag: "6372520f-21d8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft%2FyDnEE25IXo7hV%2FYYzQURjkyHfCRVDfWfU%2Bz%2Bjr2O0xO9iy%2FXcerlb6JGzsCwlQhNbm7PhDJ%2Fk%2Fu0SPFwaORYE3mOioQrZ0z%2FGOpWTKCtTMWCLAZ7YRHVM4iKWsAQH1Gc358IKd8%2BRqlUz3N8aZAXNVH3Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc771953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-cbest.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 3 KB
4 KB 47ms
46ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/logo-cbest.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b6b4ab7a4d7f85b53a3a0d82098fd137f1331e0c3f539966884dbed44bb100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 3235
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2019 09:07:49 GMT
server: cloudflare
etag: "5d63a165-ca3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO0jMCfVi1jP6ytRJyrYxliUIEIwBZW8aw64bBCOgkWrsLt6gion%2FUdga9tY7qXbbSZdA2rrAC0hLVNsj8jKHQEue8SxXlVX0%2Bur8Y8ex7B3WH9VYQilKSA%2BRE9kfqvakhRragER8ytnw8dwHsANdw7ovJg6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc781953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-check-ncsc.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 12 KB
12 KB 94ms
93ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/logo-check-ncsc.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3100f68ac26b2f6d62022e81b2fcf4e57ee88f2dafbaa4e4bc7d368401fd5e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 11890
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Dec 2022 13:48:53 GMT
server: cloudflare
etag: "639882c5-2e72"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKdAjOBemwxDXxPZuFiXAhLyf3ct9%2F08QanJKy2zgSuEZN6QnLNGV%2FTyCkYyB%2F4PFm3osacxeR0QlPz6IqpdvPs074bK5rr5pUrmTaDOtY%2FfkWmbrYep5DI7GU7M2SecdqI%2BV98jz7p%2BVZXUjCOXsyciENsR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc791953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 crest-assure.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 7 KB
8 KB 48ms
47ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/crest-assure.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c73aff0b5374409675b6ea5f0df1b29f77bad818390f209180c45b93781a920e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 6870
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Feb 2020 13:24:51 GMT
server: cloudflare
etag: "5e3d6523-1ad6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCej%2B%2BsuRB4S7je0EccOvlqwKzLsqbx60W1OG0Wn6qru213iTQppjlQycEGs%2Ft77IGK8NJnvD%2BTZ%2FWUgOGn%2Bf1YEgSQP3lhIC8FdJaw9%2B4jeO5zxPvgaY4dDdC2CHkJh%2F2vxWDIJPkvYogIIaWlU7BXW5%2F2f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc7a1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-cyber-essentials2023.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 6 KB
6 KB 49ms
48ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/logo-cyber-essentials2023.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

304969b236b757ccd46f1152d052e8b48d70d2176d92e9b06cc11308d38dfc33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 6119
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Feb 2023 12:37:36 GMT
server: cloudflare
etag: "63dd0010-17e7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgqOH%2BATfcA%2Bat06Dfu8uq6feiNOn%2BJE58%2FEYS0VxjC9mMPKwCGIaaymuk3WcyAWTRY6jZXxHI0FGwvcdkI1b36Z3u8qz1dROt8pzbqd6HYMHEQ%2BdAaLIUNzxpUmRDX3i3Cemwnx0Amb19G6ZcFFFvvphtfo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc7b1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bsi-iso27001-logo-22.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 7 KB
7 KB 50ms
50ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/bsi-iso27001-logo-22.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a266f1b5f4e2451237edf0a89339b320654b8ebb819a958ad8f671fdef124ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 6792
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Aug 2022 15:41:02 GMT
server: cloudflare
etag: "62fe5d8e-1a88"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4v4w3eWu0jf2Q9xLoUGQGxL7hTOrl8gmUYXuSpglC0Y72tMhqCHomgyVhGFTRrkdS5ClZHkg4YxkkRa1BY5eqEWU56v54WJ3GsuQOC1r6G0NBRckAUozxYgaFCl8pTjY1V7%2Ft1CTd6XF0BMrdBsvjvct2iE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc7c1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-pci-certified.png
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 9 KB
10 KB 56ms
56ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/logo-pci-certified.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671571b8d2412d8bdcb93dbd1708de4e4571e276e289fad6105bb41a3eeeac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 9515
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Feb 2020 13:24:51 GMT
server: cloudflare
etag: "5e3d6523-252b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCmXbgOePi2sZz67lhrNqPQn3Llhkkq2AonVTDc2AtTaN%2Fp2HQLENjpPeea2nqwASXY74gGi8NaVbHYfFLQvtCrVrQExq4N2BpsAD45Wv0hu1B2P%2FVMEpnTdhJBLJAuaTvXBLSqrESVYO81I%2BSnjWhOiMvtf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b3cc7d1953-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
www.pentestpartners.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c3b54b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYR%2B0Qa%2FVlS025tGEixtVqUWtBtIEP483%2BXHZxriOP8zkVwlgV5NKl9i53acCLtSdLL5atCi8QhrkthEMnfMOZez9oovPsz1yuCNXhsCjGvrrYXniPQtCvUQvpuHhuXiM4EsFg3vu74GH1IRiROIVewDaZlF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 854147b3ed461d96-FRA
expires: Wed, 14 Feb 2024 02:07:47 GMT

GET
H3 200 rocket-loader.min.js Show response
www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c3b54b-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywjN7JA4q959AxJpM57QXSdGwESkO0R00QO3BgnOe1TgeGPcxLWyFNkLa3huRNHIMa%2F%2BeMAT0%2FXKshvNiDcn%2FgaCVL2T1jCRV19%2FNXwd%2FG8aX2ZVzNDbmUOU9B3M7lLnSwvgozLBPlGx%2FAc0NzcsEsKtg5Vl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 854147b3ed481d96-FRA
expires: Wed, 14 Feb 2024 02:07:47 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 54ms
36ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 854147b3f869bbf5-FRA

GET
H3 200 efblueheadline.png
www.pentestpartners.com/content/uploads/1923/09/ 2 MB
2 MB 56ms
54ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/1923/09/efblueheadline.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3453c6f4ce57e41b2cc7cc690bcf2fe78d445829ea65fa11a87bf3c66d3a0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 2062309
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Sep 2023 09:18:03 GMT
server: cloudflare
etag: "650c0a4b-1f77e5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLHVpQ8f47T1ggDeNTbtio9q1KbLYCtU1%2BScu4ID20jFH4E1i7sUVqBfA2A8Q6K2KpuucbptD0wgmMDFW4dllj7SAowLfglYFik4fH7GpF5JLsc1nmIplhqiYMm0IBNpeIoGMwCJ9FBqzretxYAIVo%2FX0EW4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b47dac1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 c5bankscam-headline@0.5x.png
www.pentestpartners.com/content/uploads/2024/01/ 731 KB
733 KB 96ms
94ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2024/01/c5bankscam-headline@0.5x.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97051610cca2f89ce567cf843c0fae6e779f71e5207dfc1f5ccbda07b177337e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 748768
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Jan 2024 14:15:56 GMT
server: cloudflare
etag: "65b3be9c-b6ce0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO0M25iGlBtJpm%2Bik8aqqgMxuynlobbo7w9VA487VKjmDrULDu8i8rSn9hEr8X3KgWR3%2BI9%2BMc%2B9rRZoHP9dDO3RzMqfuaHpccFlMs%2FRo30CWsGWsL%2FCUWI1BAD17FRmY7KUq6T%2F9x0l8Xl2gOP%2BuFt7Z75w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b47dae1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 target10yrsonheadline.png
www.pentestpartners.com/content/uploads/2022/01/ 2 MB
2 MB 49ms
48ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/01/target10yrsonheadline.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22dce8de23490cf85d611815a750abf27fc8307b79654b8aff3e45e424ca29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1885108
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jan 2024 10:09:29 GMT
server: cloudflare
etag: "65b0e1d9-1cc3b4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0pzXbPIiu5nFw7466jRjnNzVPEoRxA6YgTDR3%2FsqrBx5wQ75lS%2BZNeejw8OBsMXAH9lRQ%2BR%2BpuIOestfDDqnW%2BtcMcP%2FVahcZgc7vRys2hJmstLsBHTEt7uG76BA%2BTc6yZwtzj9PiFm9YmoFpRIxGm4q2e5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b47db01d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Alaska1282doorlock-headline.png
www.pentestpartners.com/content/uploads/2022/01/ 1 MB
1 MB 126ms
124ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/01/Alaska1282doorlock-headline.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76acaa55fe9e6419bdd1d1808498c520237a87273297a0716e434b24dfbbaa89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1296382
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Jan 2024 11:44:25 GMT
server: cloudflare
etag: "659e8319-13c7fe"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXsjnrOqfUoDIFUIBRcxXbxrZ%2FyemaOJWDCf8rzU2sswM9gZ4CYCQuZoUO%2FOd990ylpQJ7DNZkAWUsYQ1zzD1mqTrCBeY%2FI4GDec3jP9w0QiVMOSvupF213spa6OIJIpOkSVFbnF0DS0UfiW4cA3NMALUIes"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b47db11d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 home-people.jpg
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/ 1018 KB
1019 KB 161ms
160ms Image
image/jpeg 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/images/home-people.jpg

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3d75c73a98b713b299a27357ddd10200d4fc3fab5ae05b9ff955d484c9d6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1042210
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Feb 2024 17:12:59 GMT
server: cloudflare
etag: "65bbd11b-fe722"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByM5wS8DNyq615cuqXf7dHJAFbwYhZH88rW7o2n3hp3BFZuMmVW6Nk%2Bvr%2F0rnwL5Nkt0jp6Emy%2BcCbywMBRutZiro9pBuvqrl7AZW%2F0A8P%2FJiDqkPNVO%2FzPziAYOXFp0BxRWnF5Qd2LoWHKDbmlvkMlJ1s50"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b47db21d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:55:38 GMT
x-content-type-options: nosniff
age: 353529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:55:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 37ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:34:12 GMT
x-content-type-options: nosniff
age: 12815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Feb 2025 22:34:12 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 20 KB
20 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Serif+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 00:30:55 GMT
x-content-type-options: nosniff
age: 178612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:17:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 00:30:55 GMT

GET
H3 200 livall-pttbutton-768x576.png
www.pentestpartners.com/content/uploads/2022/02/ 705 KB
706 KB 164ms
163ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-pttbutton-768x576.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507cac4babd145dd7fe1e52bb3a4f1c15d55cab732c36536be55d201aa09811b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 721754
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:59:50 GMT
server: cloudflare
etag: "65c11406-b035a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUZXsgkgaZgl488uNxNFOfiR5RliTPrOkpiltktI5ZjlpLzZY%2FlgIN7U3o%2BpiCwJSO0B91YXZq8GYyHwRO3nPwo80Zp3kN%2FBm1BK3lfedscZqFwEtvbAy4V%2BmoK2h53D8XdF3a1OPOQOep109NSiIsNLwG7f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b49dbd1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 livall-ski-helmet-ptt-use-768x576.png
www.pentestpartners.com/content/uploads/2022/02/ 428 KB
430 KB 176ms
175ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-ski-helmet-ptt-use-768x576.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ce86f931dccf182714c9050eccd38681a0217ad6150bad1bafe13827bfb79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 438358
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:59:44 GMT
server: cloudflare
etag: "65c11400-6b056"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6fE3wWFsaWSnbQrEIviZdv89MchsL54B4gt1WxY56yWjNOqNUEfxGsuVoKANx%2B%2BQQeZqDbp2yMrPI2wYe46%2BWF7sS5joh39OhkjVz9Rj1EAYecigtePVX0ZH8rfLcrD4ZNULI%2FU1ptJroV7x474dAoD2Fm7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b49dbf1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 livall-post-4.png
www.pentestpartners.com/content/uploads/2022/02/ 22 KB
23 KB 189ms
188ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-post-4.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25e4f8c5e82e632dfbf9f8d8316012b981aa59fad47d7445d9721e89c0dd6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 22447
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:28:47 GMT
server: cloudflare
etag: "65c10cbf-57af"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ls%2BzLSMnYLt9ii7vBE7a0whF9zIBkorXHNnj%2Fbw01JVTCb6NTvNqtFbYVY4oxji5TJmx2uzgj2mcgIILLTXDQ62ZcDGENXwi8FOiBrTEl2sGPp9U1lrdlrltwhcudQGuRVd3PsV41p6nl6U7Zlz96Zm08IX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b49dc11d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 livall-post-5.png
www.pentestpartners.com/content/uploads/2022/02/ 17 KB
19 KB 190ms
190ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-post-5.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f9918768ed1f5451d3cc90198465b59ae0a3d629a06ce3477c981b2c6901a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 17860
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:28:47 GMT
server: cloudflare
etag: "65c10cbf-45c4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B82DzaYyo4apWNcfhRnmHRcQg6gGC1hsWMbOISYSJEdbG8vG%2FrvX9GjuQx21ONgZRVXlSUzfngp7Cl9RdYiiJwE6EF4uvpDsKs%2BquPnfYee3h6AYXR4YdtRTZVFfs9Abe3zGAmOwlOqYwqVoc%2BI5%2FGsqEtG5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b49dc41d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 191ms
191ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z7SvN8DkDNajpYJxFi74t9AdluA7KSwNm6Ifs5UmW1AvmD%2Bp051bjgeJ79RK3w5KD6IRxDdfM%2BVZb3k%2FKjRo4uXCCUuq1nwM4AIPdROt71iUkz0Fqi0iHxyBg9HSX1oNRXijx63I5%2Fli%2FW%2B1TTEZiizMw08"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dc81d96-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 188ms
188ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SD%2F0VSH2TwPisBtCAPC2Ml8nCPjoBdWKLzL67JOTFtrR5JlvV3EsLe2BZSYkZuV015ZP8G49WWGYz%2Fhb7%2BVHq%2FpLv2NV%2FE9ZYoA608zAYRNfHYo6tOm3WC%2FmJwUFed65oqRAZr8gDC%2FTZSK6OjQKJgqEUW4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dce1d96-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 57ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NMLD95V

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55757dc2c7eb6bf96ed361adc7bc65dd2878014919a27ddda179ebbfdd653a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 02:07:47 GMT

GET
H3 200 lazy-load.js Show response
www.pentestpartners.com/content/plugins/lazy-load/js/ 902 B
2 KB 188ms
185ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 Sep 2019 21:03:09 GMT
server: cloudflare
etag: W/"5d72c98d-386"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKgXLQ21koI6DU%2FaFLEYfKxmggd2r%2BbZmmPVlaQGW9WmTZve243gqvEuV3WOqjFj0mkTGv0znmXMz8P04U%2Fs1wgrqJ%2BepFlPFQn1qDwdvE3UAQn8UL1z7PVHQPecuQX5P84Pajp6InvzTF0HHGykcm4tYN%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd11d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.sonar.min.js Show response
www.pentestpartners.com/content/plugins/lazy-load/js/ 1 KB
2 KB 189ms
186ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 Sep 2019 21:03:09 GMT
server: cloudflare
etag: W/"5d72c98d-580"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FJpaKcozfheOW43XGTicLmDOIGcRw%2FfiDbkgcsNtnnhBgpZvU7E7d9Un0xVQRK%2FpN23%2FVWcljk8%2FvMH7gSz4LdPXJarXwM9aRcCyUdlNoHdACkCn2dgBuueUEygSMvx%2FWSIGcjIIsFZ8D2cRgkFpOh7czZ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd21d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
www.pentestpartners.com/content/themes/pentestpartners2019/dist/ 260 KB
85 KB 189ms
185ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/main.js?id=685b9096a5cb2d5d2c37&ver=1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf47ba30fa398d0fba04e473ba7ea0f347b7c7bd6835748c0af3e7d4791ffec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2019 09:07:45 GMT
server: cloudflare
etag: W/"5d63a161-40fa2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hB%2But0%2FVaBw6i%2BHiCurTefkWebGK1QkteFx2gu%2F2%2B%2BdA3PF%2BE3CUMOqwmrGYmunpkWGjF1cL1LkFUS7bXt6JQA24K2AlJXnc%2B3tZ7pCeVe6PKbmrcdFEHhgxVUXAQnF6pgMf6nyt0J4UeqHgNz94%2FXbYQLQQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd31d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 addtoany.min.js Show response
www.pentestpartners.com/content/plugins/add-to-any/ 129 B
1 KB 177ms
172ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Jan 2024 10:57:33 GMT
server: cloudflare
etag: W/"65a50f9d-81"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgH9CpZrNN0KOyib8zwivkCe85jAsRf4tFHh5OLL27lL%2BEVsAnpi%2Fu3hMvCEwXNLSQB%2F%2Ff6fkLSvw5vCsaGQc6bZlk4gu71KpXKvaQjp%2B7AIrS4%2BROwY%2BsypGaIq0Kvs%2BsIeSP%2Bij5q8hlDfZc7kGiF5bQ0u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd51d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 42ms
18ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18187
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOVm8mcv%2FkUB5QJ9tqFgyo3pbaBU7jUfrjHk6F4qZwv7TcYbZAyNJJUO8H6oB5QpWrpR%2FGghH49COBM3mzslzM8qccC2ulWQ3v8PToDQx5sVTAVlg5GuDm6d26A8zOeiLXIOMEKF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 854147b4bf3e8fd1-FRA

GET
H3 200 jquery-migrate-3.4.1.min.js Show response
www.pentestpartners.com/content/plugins/jquery-updater/js/ 13 KB
6 KB 178ms
174ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/jquery-updater/js/jquery-migrate-3.4.1.min.js?ver=3.4.1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Dec 2023 14:14:30 GMT
server: cloudflare
etag: W/"656f3046-3509"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8dgSjXb8PrabKMKUOknKnuJ1APn%2B1HfIv9p%2B4BJxNeuqXaX9quWR0mgZJeDCEqy0TORt%2FwZP0RWYVTARyjIZTiuIhcb8%2FS25TxSqouBksQxzDqSXmo5bpspGRA1jDpc5y8pgLM4RmRZUm808W1AIOtwXa5i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd61d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery-3.7.1.min.js Show response
www.pentestpartners.com/content/plugins/jquery-updater/js/ 85 KB
32 KB 179ms
176ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/content/plugins/jquery-updater/js/jquery-3.7.1.min.js?ver=3.7.1

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Dec 2023 14:14:30 GMT
server: cloudflare
etag: W/"656f3046-155ed"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVuucMlFBuT6tnwFNbopZqf2sTYuOFQULB2f7lzottM0ni5hPKUgvgFe28lKBUN%2BFRjIueBhzRDlaa85%2FI0KDZgO1PSh7i3Kf0%2B%2B%2FF0OaLx81hmofMpFqtzFnEcF%2Bl3Lwp5gc4bw3sJpmrWr0r6INBFr5beZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b49dd71d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 180ms
173ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NDXSKZPCkbT8Cb6alExCfHwxzA2r2BZo4%2Bw43Q3fAkGAiEJ94cHCNEg3FyI%2BDPNy4fJf8iY%2F8BCW7zf0KiaA4b8Dc%2BYimn4Rd3Rl0U6tsZsGHD7cUGQDUqOSRREokFurC3pIlr1pRg4ewseseusqlBoNTi9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b4add81d96-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0d67a50398bb001fb0f8cc9ee406fb86c3e8dd70a149b07ee4e3851c8ff6b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 02:07:47 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 180ms
174ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8H50X%2FE%2B2tnoKhhKNiz1UdkV1S%2FV41WQJ80%2BU5ysoGuTlX%2FpBcKzWDG0%2BO1ld%2F2mGfo0kxQHq3jK8LJma5TLnFd6LRf38dKO3WTMsA9jRp3BmuVjNGaGY7RGxvM3gxtGZ8QJvjgJDCsdnbnr2%2FWWCeV%2BGHTT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b4adda1d96-FRA

GET
H2 200 b342aaba-f883-4d89-a6fa-d7868e2ada8f Show response
app.termly.io/resource-blocker/ 1002 KB
300 KB 249ms
223ms Script
text/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/b342aaba-f883-4d89-a6fa-d7868e2ada8f?autoBlock=on

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328f4fffea904ac9bc593338240e4b875be2e8b6916424e25b9273ef5a3a8b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-request-id: 6a286a4a-c3dd-4f5e-85be-5fb69565dbce
x-runtime: 0.043763
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"328f4fffea904ac9bc593338240e4b87"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 854147b4cf719196-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 86ms
86ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hvOLHvs1CF5Q21dyfk6B1et4Ul1EpMfXoxPU7jda5T4lsc1uMATv69iLuqp0f3DkVMEPP6YBRLJTBSHnE0dW5OcX7f7L%2BAjPS4XkV%2FQfJKLOLcYtebhYI%2FvFARchlEPFtTNVaNkg0MarRtkImzGvNPOtcit"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b62ea51d96-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
49 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

059ac4f35245ac25ce34e98763d6c2a6d7fd01fb12772dd7c58cd6f180e6c136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50218
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 02:07:48 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 42ms
42ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZvzHeGo4ouigjB7%2BAh2XaNAzouKzH%2B0gApI6OOH8EVmuN%2FEY7Qkko9I8nAxuef60XG5GkqWisVQDxd7hoTrQmZv0PONkth95AemysIDYrQ5IfHIwwKQgWzlKz2%2FcZ1N%2FeVF3s8GqPc4%2FvjKt7%2FJH3Z%2F7cBp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b62ea71d96-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 40ms
40ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW3leDE4P0yGpXvb5I8YGHXSVAnjtJuCKz1YDvRj6eBpHlqCeZp4D2ySvlmpKgHuXo%2FQnf8fKowLCSxp1I9QBnU2xGuCSKNhFBLMfrjMfXmp8EMkKTX4gJLArFwE4JMFKlkY%2B3KZBWBJx9GerZt1jvdONTaG"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8b82c1d96-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 37ms
37ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk%2BdHgCoIfrEUG%2Byw%2Bko0h83YireUqh6DawRPfwD8pygLKIGGiDvV1Xe96vNC5df4J4HgHM8EBWF6qvrvL5zog1ImAgKMxy2ZNYwjT5tonC87ntSzeX5%2B%2BBTOsnBRihnix52Abkt6ZCIHcddY7n3akFb%2Bzic"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8b82d1d96-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4928a739828204dd9c74d8e56f548c8181a1ec4e46688faaaad2d3fa32d19f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 02:07:48 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 55ms
55ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fJZ2BGqJaYzJK0qvmulUc4l%2FQSL25O70T7M0EGz%2B4Ws95ZoMNsG60V5Eqgr5DOLifog7NFLwwnQ9bm99%2BO%2BgnNZvKd%2FnyRkpvkI0Jge9LleSc0SwtvM%2BpNlqMcv%2BY9x%2FHvAClIHlpqIkjQYvXkAQEqpzLlj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8b82e1d96-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 46ms
46ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiH%2Fk3vXoq%2BKYHeKO3gqld2p0O2UtYPOeUzJ0If8vOrae7uz7gXMtLivj2Ib0SV7HBS2IPXjJ00ORhEya6BN7bSu%2Bel1oC%2FM3%2BlMdYGp2W7JTBu8vIY2XhxkFSmItZc3229HCv%2BhlHcxFQfebXS%2F9rM%2FhrL3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8c83a1d96-FRA

GET
BLOB 200
OK ebeef8e5-cbb5-460d-9c18-45c18124705a
https://www.pentestpartners.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.pentestpartners.com/ebeef8e5-cbb5-460d-9c18-45c18124705a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 37ms
37ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm0W40E7DBH5FxXs%2FD8ZSS2uuqD9HL1J77W0uSklYBajf3j34l30B9STQhl0GgurSVlY7K3rClGFBOl8jBirRmGdmYSKVKmrON4ZG7h46Viv6WD2SiT6X3LOaD4QisiicH0v64xFeBilaJB492X8qlsGsZcE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8e8481d96-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-099PKGM7MZ&gtm=45je4270v9115676575za200&_p=1707703668187&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1178526649.1707703669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707703668&sct=1&seg=0&dl=https%3A%2F%2Fwww.pentestpartners.com%2Fsecurity-blog%2Fski-bike-helmets-protect-your-head-not-location-or-voice%2F&dt=Ski%20%26%20bike%20helmets%20protect%20your%20head%2C%20not%20location%20or%20voice%20%7C%20Pen%20Test%20Partners&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1170
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:07:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pentestpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 39ms
38ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTaYoFV0z6ORzCIzJY9BcKyrjz7PglD6IYF%2Fqfocaoue97KNdOlb5ZdeqlnrKuvBivwaGJvwvQn1w5t6LF0v5v%2F3doBXkcp%2BUXcqfrhCBnrSemD%2FBnmcoLsujd%2BABF1Ja8NYe4AWbFNi5wnxYZlkYnhdw%2FcF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b8e8491d96-FRA

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
49 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

059ac4f35245ac25ce34e98763d6c2a6d7fd01fb12772dd7c58cd6f180e6c136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50218
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 02:07:48 GMT

GET sm.25.html
static.addtoany.com/menu/ Frame 31BE 0
0

GET
H3 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 70ms
55ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyWuOwb6tEHYayHhxjqtKaf2u0Bv7R8VjgRFPWiHC1BLr664QvM5xC%2FXvSLv07e7jJrZjZEEgqDh5l6jlvAxwGI8M8GpNDz8c6TAP%2F3FpHHc4XL74Zc0IsgVl3d%2Flm%2BIW8R%2BFS2yZvKScE025128p%2Bel"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 854147b90e24368c-FRA

POST
H3 200 csp-reports.php
www.pentestpartners.com/ 0
1 KB 38ms
38ms Other
text/html 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/csp-reports.php

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PgGfZ0bNGDFJTAZr94nOPCNnPHsZ%2BUH339Jwl4zNV6ubqMgvWtXuFRiILOG%2BXU4An%2B2hA53w0Kfb4t9uYdAKYIArFFacLDJzzR%2FiQygp%2BhvQK%2FbX4B8MlKCBfsYFZEmzbwHkLto7ME2ZerjmiG1kkl5JcMO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b9085b1d96-FRA

GET
H3 200 livallskihelment-headline.png
www.pentestpartners.com/content/uploads/2022/02/ 1 MB
1 MB 92ms
91ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livallskihelment-headline.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf81caed123d2f7e22e878084b40bb3febdf992cdfaa88ccb1458fee1ba9e5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1522178
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Feb 2024 12:15:27 GMT
server: cloudflare
etag: "65c222df-173a02"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Bp67RZJvOQnHdqy%2Bz5OHeXF4eM381aDkGrOKu5YPoP%2BOmGwsvZ1KxZeWhjjI%2F4qYQCypAkCyQ4aC1h6UDfCS%2BmWucW53WIedYp3gij6A7pu7%2FMyJGcqeeLeLHlq3xUditokjxN7g2G3%2Bxr%2FstC3OhIZ5T%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b908671d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 livall-ski-helmet.png
www.pentestpartners.com/content/uploads/2022/02/ 2 MB
2 MB 93ms
90ms Image
image/png 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pentestpartners.com/content/uploads/2022/02/livall-ski-helmet.png

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9267f3d9f9cfba18421047aa31ca82acf48067feeef4c20393fe74a2c989e5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
content-length: 1661397
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Feb 2024 16:59:47 GMT
server: cloudflare
etag: "65c11403-1959d5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz0APoWCt24AXASWzMDjbDoj0GcGdnKBU%2FjQ9v94zxI3N9yCX%2BV5H5zM%2B6XOMy22JrAl9IfloZ5ofjM3%2BM0JAMeKVq2HuWMrVp698LlVbKSQaHPSDjJD3HqmmBxCqxbSGxMFFO%2FSUiN4BLkmHOROb0wjrNFf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
accept-ranges: bytes
cf-ray: 854147b9186b1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1023 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700%7CSource+Serif+Pro%7CSource+Code+Pro

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/content/themes/pentestpartners2019/dist/main.js?id=685b9096a5cb2d5d2c37&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dae242d8c9f8ceac312ec0b961e429506d3b8f7b0711311ad7246b652b9a13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 02:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 02:07:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 02:07:48 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.pentestpartners.com/wp-includes/js/ 18 KB
6 KB 137ms
137ms Script
application/javascript 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/wp-includes/js/wp-emoji-release.min.js?ver=c60c8245b0933a0f6a8601204b05f5f6

Requested by

Host: www.pentestpartners.com
URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: default-src 'self'; frame-src https://api-5487f10a.duosecurity.com/ https://www.google.com https://www.youtube.com/ https://static.addtoany.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com; report-uri /csp-reports.php
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Jan 2024 10:57:10 GMT
server: cloudflare
etag: W/"65a50f86-4904"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGlqdmTaeLzvPpK%2BAkZkOXfl%2B3gVPYlrCxEzrpu%2F8ABZckyVTFh1lsOTI2qYf3Ezo7T29RThc0ggC%2BJQ15BNCj3U0XDP5NCYp3fBMmDxbclRVafs7B0H5rkzqdRHt%2F3YqyvMM8pnIimyXeLy2HvkEYRXh%2B%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none';
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), fullscreen=(self), payment=()
cf-ray: 854147b9186d1d96-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 rum Show response
www.pentestpartners.com/cdn-cgi/ 0
146 B 10ms
9ms XHR
text/plain 2606:4700:20::681a:4c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pentestpartners.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pentestpartners.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 854147b918701d96-FRA

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700%7CSource+Serif+Pro%7CSource+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:55:38 GMT
x-content-type-options: nosniff
age: 353530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:55:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700%7CSource+Serif+Pro%7CSource+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:34:12 GMT
x-content-type-options: nosniff
age: 12816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Feb 2025 22:34:12 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 20 KB
20 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700%7CSource+Serif+Pro%7CSource+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 00:30:55 GMT
x-content-type-options: nosniff
age: 178613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:17:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 00:30:55 GMT

GET
H2 200 HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 11 KB
11 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v23/HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15057fef797f7f64d90cf20c4647e2697c3ec75b4094c3d3faa9bb3c1124f1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:24 GMT
x-content-type-options: nosniff
age: 353484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11048
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:56:24 GMT

GET
H2 200 HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 11 KB
11 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v23/HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700%7CSource+Serif+Pro%7CSource+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15057fef797f7f64d90cf20c4647e2697c3ec75b4094c3d3faa9bb3c1124f1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:24 GMT
x-content-type-options: nosniff
age: 353484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11048
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:56:24 GMT

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
940 B 65ms
64ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTedepr7bE3UTBzNXsKVGksuEpWlAhQe%2BZZO%2B%2BuonpRx%2Bh%2F%2BdWNXAXesf1TgHWrvRxJHjdWFbunic8Svo164xjhowmXv8P5H%2BKr0tzsZy2ylEqSCuF9xAvAYK0wEBDuqaLB8ePakMeXY8hq1ZS2wfZZv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e68368c-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
824 B 60ms
59ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbR3YqHakMHCvhiWYvZk5fTByvYarYn7Jgd%2BZsGvrwZ0AmNKuVT5LkTCWeutlWQIU9nPrTlaEPsM2iirMwRnfCatJyU2ii9%2BrvF7eDCvz1dqNjrvzOdSoV%2BKppMeQjNKvyEyNTZQ8CVggoPczdgeaayi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e6b368c-FRA

GET
H3 200 linkedin.js Show response
static.addtoany.com/menu/svg/icons/ 447 B
827 B 47ms
46ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/linkedin.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9daed000021c96e3353a5b331baa4443cdcfd11737976cd8b2f6821eabf65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9c8ac02824bf44bdc91505c6344a09ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSg%2B08qP%2B6ZViRuTwg5Yr29UKoNI03wlrcGjJOS6KhFRQEytxEuJE0jteihF7ihsgWLqJnhxij2%2BKuv%2Fn97BTfnut2lUBrt02BwXS2T65aE5kK56gaZCZtFxjaQAcf3fwuZiWTyqOWJLc%2BXWaF7AfiIG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e6d368c-FRA

GET
H3 200 slashdot.js Show response
static.addtoany.com/menu/svg/icons/ 206 B
697 B 55ms
54ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/slashdot.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450e708db0ae1cf2b254d69dad9947bb7d85aa7c33c04fee237b619ad5d28754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3a68ae0235673aefb74117a85c175552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SBksEjsE73ZppFW3qxM8RlM4%2B%2FBJPoqEnYqQXCTYeqm48dgNihhlBRjAZfyxDWm0uR9ZqePbyiYU610TJql%2BG4Dze1FbqJayaRyEvzuc8qmNh70%2B1HRtI5B27Myn3V4DqBaKBuKJRrekK3NOXG7tHlN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e6e368c-FRA

GET
H3 200 reddit.js Show response
static.addtoany.com/menu/svg/icons/ 929 B
998 B 57ms
56ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/reddit.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32acbaf49df946ebb1f9958224f92100b9dca8fa41d0e4ca354d43f08f6f20d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"22f5e4e420fe8a8f261f152f0bdf4c34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMJuj%2BfyfM5m2QPQQ8tvuu%2F7iFamnHsVQRfc%2ByQIcCd8IAWgD9Yw5VwcWCx75qjJuRIBiakKOmat3%2Brl%2B1k4hxUSIqt3%2Fia8c0abOyk59pdqUimCSf2NW6bFfpBFq6e0rHsXxCIsBrLR9z8A9WTO8AbV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e6f368c-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
826 B 58ms
58ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJlNBvDhGXdEyVYFDzuYCm3wS4ER3RCRRvOoRDITyI4cg0MtJSAxEHKiXc%2BEz166qs%2Fjj3BIikUVM9%2BzVn%2Fv9fVWODfvOzPZAw7izqB103j9fDsUqbCpCCBaUiSOmLHC1d12NR4UqR6WUx8pcmRBhm0R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e70368c-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
679 B 60ms
60ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://www.pentestpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YZrMWCsrHMd5YXmNVBb8neZOhT11cK%2FWf2BNdxv%2BP2bCa9hegZoCGpjjCDZ4y%2F%2BrBzWF9EQ1sPUj8S5Ssnfm75r4h5pF66n0oowFtahbFRxJ5SfbYfWdScMyUUPFNce8fwH8PNMd3gvxDCPrf%2FDU4hF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 854147b97e71368c-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.addtoany.com
URL: https://static.addtoany.com/menu/sm.25.html

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/themes/pentestpartners2019/dist/images	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/themes/pentestpartners2019/dist	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/plugins/rotatingtweets/css	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/wp-includes/css/dist/block-library	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/themes/pentestpartners2019	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/plugins/jquery-updater/js	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/plugins/lazy-load/js	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/plugins/wp-pagenavi	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/plugins/add-to-any	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/uploads/2022/02	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/uploads/2022/01	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/uploads/1923/09	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/content/uploads/2024/01	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/wp-includes/js	1969-12-31 23:59:59	Name: Path Value: /
www.pentestpartners.com/	1969-12-31 23:59:59	Name: Path Value: /
.pentestpartners.com/	1970-01-21 03:57:43	Name: _ga_099PKGM7MZ Value: GS1.1.1707703668.1.0.1707703668.0.0.0
.pentestpartners.com/	1970-01-21 03:57:43	Name: _ga Value: GA1.1.1178526649.1707703669

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation, midi, sync-xhr, microphone, camera, magnetometer, gyroscope, fullscreen, payment. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
rendering	warning	URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/(Line 4) Message: The key "maximum-initial-scale" is not recognized and ignored.
rendering	warning	URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/(Line 4) Message: The key "scale" is not recognized and ignored.
security	error	URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/ Message: [Report Only] Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=GT-NMLD95V' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://app.termly.io/resource-blocker/b342aaba-f883-4d89-a6fa-d7868e2ada8f?autoBlock=on' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	(Line 3) Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://app.termly.io/resource-blocker/b342aaba-f883-4d89-a6fa-d7868e2ada8f?autoBlock=on' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5(Line 49) Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ&l=dataLayer&cx=c' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	(Line 4) Message: [Report Only] Refused to create a worker from 'blob:https://www.pentestpartners.com/ebeef8e5-cbb5-460d-9c18-45c18124705a' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/security-blog/ski-bike-helmets-protect-your-head-not-location-or-voice/ Message: [Report Only] Refused to create a worker from 'blob:https://www.pentestpartners.com/ebeef8e5-cbb5-460d-9c18-45c18124705a' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ(Line 130) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-099PKGM7MZ&gtm=45je4270v9115676575za200&_p=1707703668187&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1178526649.1707703669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707703668&sct=1&seg=0&dl=https%3A%2F%2Fwww.pentestpartners.com%2Fsecurity-blog%2Fski-bike-helmets-protect-your-head-not-location-or-voice%2F&dt=Ski%20%26%20bike%20helmets%20protect%20your%20head%2C%20not%20location%20or%20voice%20%7C%20Pen%20Test%20Partners&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1170' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-099PKGM7MZ(Line 130) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-099PKGM7MZ&gtm=45je4270v9115676575za200&_p=1707703668187&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1178526649.1707703669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707703668&sct=1&seg=0&dl=https%3A%2F%2Fwww.pentestpartners.com%2Fsecurity-blog%2Fski-bike-helmets-protect-your-head-not-location-or-voice%2F&dt=Ski%20%26%20bike%20helmets%20protect%20your%20head%2C%20not%20location%20or%20voice%20%7C%20Pen%20Test%20Partners&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1170' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	(Line 10) Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-5CQ6NHF5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.pentestpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=GT-NMLD95V' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.addtoany.com/ https://ajax.cloudflare.com/ https://www.google.com/ https://www.google-analytics.com https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.termly.io
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
static.addtoany.com
static.cloudflareinsights.com
www.googletagmanager.com
www.pentestpartners.com
static.addtoany.com
2001:4860:4802:34::36
2606:4700:10::ac43:2794
2606:4700:20::681a:4c0
2606:4700::6810:3865
2606:4700::6812:1fea
2a00:1450:4001:809::200a
2a00:1450:4001:827::2008
2a00:1450:4001:830::2003
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
059ac4f35245ac25ce34e98763d6c2a6d7fd01fb12772dd7c58cd6f180e6c136
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0fef1425f7c30c212d094955d5b1aebe94138273040145a391e5002f3dedbc16
14b837e54b3fb5b03edb9ce6b6ccc4fc5837367dfb2018df7818066ba678e92d
15057fef797f7f64d90cf20c4647e2697c3ec75b4094c3d3faa9bb3c1124f1e8
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a3d75c73a98b713b299a27357ddd10200d4fc3fab5ae05b9ff955d484c9d6b1
304969b236b757ccd46f1152d052e8b48d70d2176d92e9b06cc11308d38dfc33
3100f68ac26b2f6d62022e81b2fcf4e57ee88f2dafbaa4e4bc7d368401fd5e94
328f4fffea904ac9bc593338240e4b875be2e8b6916424e25b9273ef5a3a8b08
32acbaf49df946ebb1f9958224f92100b9dca8fa41d0e4ca354d43f08f6f20d1
3453c6f4ce57e41b2cc7cc690bcf2fe78d445829ea65fa11a87bf3c66d3a0c8e
37f9918768ed1f5451d3cc90198465b59ae0a3d629a06ce3477c981b2c6901a0
3becb997288083db3873ce10c6f9fb24753c32c4887bf3c6cbc27ee64117a543
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
450e708db0ae1cf2b254d69dad9947bb7d85aa7c33c04fee237b619ad5d28754
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47677f03d3b61fb9d543ccf115eede239446c305343132fb12d9882d15adcb27
4928a739828204dd9c74d8e56f548c8181a1ec4e46688faaaad2d3fa32d19f35
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
507cac4babd145dd7fe1e52bb3a4f1c15d55cab732c36536be55d201aa09811b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55757dc2c7eb6bf96ed361adc7bc65dd2878014919a27ddda179ebbfdd653a01
60b78182d32bc1435404f2a75a1d882cf595b552ec57a0fd71eceec586da245f
60ce86f931dccf182714c9050eccd38681a0217ad6150bad1bafe13827bfb79b
60e7a9ecb92ebdc65d8058c8f1bf6a7a32d6e8a1ff288ba74bc88d200ee1d159
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
649d0e2bfb3815f99794e848610f10b674da5a6cf834a61908df7b09bc090474
671571b8d2412d8bdcb93dbd1708de4e4571e276e289fad6105bb41a3eeeac83
68c54d88521652031ca116238b254db44d4722b4d7e474cdacbced406e531499
6cf47ba30fa398d0fba04e473ba7ea0f347b7c7bd6835748c0af3e7d4791ffec
6d99b0d9dce1d34f63927731deed74f0aad66d1ebb0d9c638aa78c2a9ccc15d8
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
76acaa55fe9e6419bdd1d1808498c520237a87273297a0716e434b24dfbbaa89
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
7dae242d8c9f8ceac312ec0b961e429506d3b8f7b0711311ad7246b652b9a13a
7f0f497d838253b68170a374172e83bd88f57a0acf4ccd01fb9a3e5147698507
7f9daed000021c96e3353a5b331baa4443cdcfd11737976cd8b2f6821eabf65c
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
9267f3d9f9cfba18421047aa31ca82acf48067feeef4c20393fe74a2c989e5aa
97051610cca2f89ce567cf843c0fae6e779f71e5207dfc1f5ccbda07b177337e
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a266f1b5f4e2451237edf0a89339b320654b8ebb819a958ad8f671fdef124ea8
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b7c37c9ae19c7fb39e7ae3005711178a8ce99470f2b1df4f17dfdde6e280fc18
be2e621c471e3a7999e544e35704f0531fe8981d78d74f94845eb18970e96480
bf81caed123d2f7e22e878084b40bb3febdf992cdfaa88ccb1458fee1ba9e5df
c02091afbd5c20fd828425c86a06ca87bd3d2dfc41c127f1987b8fd0796b8e6c
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c231d59be5d6a806a4d10a27e3585d77a59b2bb6b97ab2463a0c272a5abd4f08
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c73aff0b5374409675b6ea5f0df1b29f77bad818390f209180c45b93781a920e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d093a8a3a08e3d649a559b72d015c3ad75e51d76d7957498939d7ad316ca02d8
d0d67a50398bb001fb0f8cc9ee406fb86c3e8dd70a149b07ee4e3851c8ff6b2e
d53a748a38dd7b2ef68c1fed3855274031859c644de087c4f6ffe62683aba87f
d8afb283e11bc93a2522659f7a429b134f96c3a48e4c8d6c4a9b7d58cb94b150
e25e4f8c5e82e632dfbf9f8d8316012b981aa59fad47d7445d9721e89c0dd6a1
e30567fee13782f7f85b88f02df6a8f04ece331201c35d9f94094e6a70980ef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8e659b06cc24dd1cb0c895f64be36eb976324b03b142a0fa7d6a887e66c95b
f0467b38acd64efd76a134423c52ab86ac0dfb76c9fea372db761fc480863a16
f0b6b4ab7a4d7f85b53a3a0d82098fd137f1331e0c3f539966884dbed44bb100
f22dce8de23490cf85d611815a750abf27fc8307b79654b8aff3e45e424ca29d
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff263c3f74d55b225d06a4066de61509beaf633b616e30cfc1ad7ee74ad2ad56

www.pentestpartners.com Open in urlscan Pro 2606:4700:20::681a:4c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

97 %HTTPS

100 %IPv6

8 Domains

8 Subdomains

9 IPs

2 Countries

16180 kBTransfer

18204 kBSize

18 Cookies

12 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pentestpartners.com Open in urlscan Pro
2606:4700:20::681a:4c0 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

97 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

16180 kB
Transfer

18204 kB
Size

18
Cookies

95 HTTP transactions
-1 data transactions