urlscan.io logo urlscan.io
SecurityTrails logo

www.neowin.net Open in urlscan Pro
5.10.17.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-ava...
Effective URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Submission: On June 13 via manual from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 6 countries across 23 domains to perform 94 HTTP transactions. The main IP is 5.10.17.165, located in Ashford, United Kingdom and belongs to EVEREST-AS, GB. The main domain is www.neowin.net. The Cisco Umbrella rank of the primary domain is 239513.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 27th 2022. Valid for: a year.
This is the only time www.neowin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2a00:1450:400... 15169 (GOOGLE)
1 2 5.10.17.165 60610 (EVEREST-AS)
3 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 99.84.88.120 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
13 2600:9000:236... 16509 (AMAZON-02)
1 35.201.67.47 396982 (GOOGLE-CL...)
1 99.84.88.71 16509 (AMAZON-02)
1 99.84.88.68 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
12 18.66.192.25 16509 (AMAZON-02)
2 108.138.1.25 16509 (AMAZON-02)
1 212.115.110.216 204548 (CLOUDWEBM...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 162.19.138.82 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 63.32.67.140 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
94 24
24    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www-neowin-net.cdn.ampproject.org
cdn.ampproject.org
2    5.10.17.165 (Ashford, United Kingdom)

ASN60610 (EVEREST-AS, GB)
PTR: web4.rdg.neow.in
www.neowin.net
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2600:9000:225b:7800:0:89cb:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.neowin.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    99.84.88.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-120.muc50.r.cloudfront.net
t13.neowin.net
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-11708425892611158967.ampproject.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3p.ampproject.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
13    2600:9000:236e:c400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis-amp.tech
live.primis.tech
1    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
1    99.84.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-71.muc50.r.cloudfront.net
ccpa.sp-prod.net
1    99.84.88.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-68.muc50.r.cloudfront.net
gdpr-tcfv2.sp-prod.net
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    18.66.192.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-25.muc50.r.cloudfront.net
cdn.privacy-mgmt.com
2    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    212.115.110.216 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    63.32.67.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-67-140.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
24 ampproject.org
www-neowin-net.cdn.ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
351 KB
13 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2776
video.primis.tech — Cisco Umbrella Rank: 6335
692 KB
12 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4109
90 KB
10 neowin.com
cdn.neowin.com — Cisco Umbrella Rank: 398861
518 KB
5 neowin.net
www.neowin.net — Cisco Umbrella Rank: 239513
t13.neowin.net
28 KB
4 ampproject.net
d-11708425892611158967.ampproject.net
3p.ampproject.net — Cisco Umbrella Rank: 6364
19 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
91 KB
3 gstatic.com
fonts.gstatic.com
111 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 427
1 KB
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
61 KB
2 sp-prod.net
ccpa.sp-prod.net — Cisco Umbrella Rank: 14836
gdpr-tcfv2.sp-prod.net — Cisco Umbrella Rank: 27410
65 KB
2 skimresources.com
r.skimresources.com — Cisco Umbrella Rank: 3401
t.skimresources.com — Cisco Umbrella Rank: 3549
799 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1101
407 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
395 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 3341
322 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1078
364 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
337 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
405 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
2 KB
1 primis-amp.tech
live.primis-amp.tech — Cisco Umbrella Rank: 62420
4 KB
0 33across.com Failed
lexicon.33across.com Failed
0 scroll.com Failed
connect.scroll.com Failed
94 23
Domain Requested by
23 cdn.ampproject.org www.neowin.net
cdn.ampproject.org
live.primis-amp.tech
12 cdn.privacy-mgmt.com gdpr-tcfv2.sp-prod.net
cdn.privacy-mgmt.com
12 live.primis.tech live.primis-amp.tech
live.primis.tech
10 cdn.neowin.com www.neowin.net
3 connect.facebook.net cdn.ampproject.org
3p.ampproject.net
connect.facebook.net
3 t13.neowin.net cdn.ampproject.org
t13.neowin.net
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.neowin.net
live.primis.tech
client
2 id5-sync.com live.primis.tech
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 3p.ampproject.net cdn.ampproject.org
d-11708425892611158967.ampproject.net
2 d-11708425892611158967.ampproject.net cdn.ampproject.org
2 www.neowin.net 1 redirects www-neowin-net.cdn.ampproject.org
1 lb.eu-1-id5-sync.com live.primis.tech
1 match.adsrvr.org live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 api.rlcdn.com live.primis.tech
1 stats.g.doubleclick.net
1 www.google-analytics.com 1 redirects
1 video.primis.tech
1 www.facebook.com connect.facebook.net
1 gdpr-tcfv2.sp-prod.net t13.neowin.net
1 ccpa.sp-prod.net t13.neowin.net
1 t.skimresources.com cdn.ampproject.org
1 live.primis-amp.tech cdn.ampproject.org
1 r.skimresources.com cdn.ampproject.org
1 www-neowin-net.cdn.ampproject.org
0 lexicon.33across.com Failed live.primis.tech
0 connect.scroll.com Failed cdn.ampproject.org
94 29

This site contains links to these domains. Also see Links.

Domain
cve.mitre.org
www.virustotal.com
cdn.neowin.com
www.reddit.com
twitter.com
Subject Issuer Validity Valid
misc-sni.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.neowin.net
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
cdn.neowin.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-11-01		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
adsparc-consent.gpblog.com
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
*.sp-prod.net
Amazon RSA 2048 M01		 2023-04-26 -
2024-05-24		 a year crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M02		 2022-11-07 -
2023-12-06		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2022-06-18 -
2023-07-20		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Frame ID: 79931D9EF3F0F1A118AF60A1B69885AC
Requests: 50 HTTP requests in this frame

Frame: https://d-11708425892611158967.ampproject.net/2305252018001/frame.html
Frame ID: 2E9BC233F464C33F9F26BEB99A73D606
Requests: 4 HTTP requests in this frame

Frame: https://live.primis-amp.tech/content/video/amp/videoIframe.php?s=114444&schain=1.0,1!freestar.com,1151,1
Frame ID: 56EAA66E3C413A35F3A77F03224F7309
Requests: 8 HTTP requests in this frame

Frame: https://t13.neowin.net/amp/index.html?authId=amp-9McXaTeJESKCAyYb0g85QA
Frame ID: 02D65E5958050A3FA58E3A97C0399D24
Requests: 8 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Frame ID: CF8A4A685B138B49078D4D4D9191BE5C
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17808ca3e3172%26domain%3Dd-11708425892611158967.ampproject.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fd-11708425892611158967.ampproject.net%252Fff49f021329424%26relation%3Dparent.parent&color_scheme=light&container_width=90&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&ref=&sdk=joey&share=true&show_faces=false&size=large
Frame ID: 8A22797379BB0DDE7B74C914F6328D97
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
Frame ID: 75BB28B8966D781FD1845836295C8A48
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CrowdStrike details Spyboy Terminator said to kill Microsoft Defender, Avast, and more EDRs | Neowin

Page URL History Show full URLs

  1. https://www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-mi... Page URL
  2. https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-av... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

94
Requests

95 %
HTTPS

46 %
IPv6

23
Domains

29
Subdomains

24
IPs

6
Countries

2036 kB
Transfer

4758 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/ Page URL
  2. https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.neowin.net/images/orion/sprite.png HTTP 301
  • https://cdn.neowin.com/news/images/orion/sprite.png
Request Chain 76
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=CrowdStrike%20details%20Spyboy%20Terminator%20said%20to%20kill%20Microsoft%20Defender%2C%20Avast%2C%20and%20more%20EDRs%20%7C%20Neowin&sr=1600x1200&_utmht=1686667172493&cid=amp-n1PlGbvI6iSMFZZiygP8-w&tid=UA-7094499-1&dl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7242685204113544&_r=1&a=1461&z=0.7486881289016221 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7094499-1&cid=amp-n1PlGbvI6iSMFZZiygP8-w&jid=0.7242685204113544&_v=a1&z=0.7486881289016221

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/ 		471 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
471
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 14:39:31 GMT
location
https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
server
sffe
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-silent-redirect
true
x-xss-protection
0
Primary Request /
www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/ 		86 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Requested by
Host: www-neowin-net.cdn.ampproject.org
URL: https://www-neowin-net.cdn.ampproject.org/c/s/www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.17.165 Ashford, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
web4.rdg.neow.in
Software
nginx /
Resource Hash
ba326ca6c11fa29f34e8bb32b5e37508321283f4c0fa0dff772ba87077fe7acf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www-neowin-net.cdn.ampproject.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 14:39:31 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-server-name
web4.rdg.neow.in
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 14:22:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-skimlinks-0.1.js
cdn.ampproject.org/v0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-skimlinks-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96954e380bbe2de7f022adf1a73efae2dc13baa11416a712547e7da4cf3b7027
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8488
x-xss-protection
0
server
sffe
etag
"237736d3ff23c159"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-consent-0.1.js
cdn.ampproject.org/v0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-consent-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aefc0278fd83400e0bf9e9ea1c5d7fb988d00bcb67350b5363ce7a57116a1ec8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17807
x-xss-protection
0
server
sffe
etag
"4c5602dd56a21d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-geo-0.1.js
cdn.ampproject.org/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-geo-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7355d4275a1af32dbfd8f9ad5aa992a95b1aa6ee1c653fb4ddae8cb920b48f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4449
x-xss-protection
0
server
sffe
etag
"95ff03d2ee8e6bc8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ed1f166939bdd2358e771b548ee2be36d1850979732c1485373ad4f562dc8bc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8951
x-xss-protection
0
server
sffe
etag
"5c9d9a15be314e06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de41278b639e6af44f3621cb961e3cc315ea5185bd3f71f3b8746f8a6c23abb1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23107
x-xss-protection
0
server
sffe
etag
"6ff2526fa9e69a3e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca2b1b87519316e11f11736b66a474480f8c59e446531afdf950723b3174715
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10303
x-xss-protection
0
server
sffe
etag
"7a174f1cd6f1771f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-fx-flying-carpet-0.1.js
cdn.ampproject.org/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14070f7ff7f35a3841786de9ddeada9051af1f34d454ee299ef6c1a34ea97146
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2530
x-xss-protection
0
server
sffe
etag
"e28b1ea4ef864afe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72824
x-xss-protection
0
server
sffe
etag
"2fabb8c6d8acf582"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2254976bba5b90609720c29fcf13bd161708599fa80c7bc0235fdd65d8a08ff6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32045
x-xss-protection
0
server
sffe
etag
"7d6c31735ef9154f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70562640a5faa0735554738e5b62b97428b04ca2b25b873cc07ca648e481ce67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4793
x-xss-protection
0
server
sffe
etag
"b0dd4aea3d0f5573"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-facebook-like-0.1.js
cdn.ampproject.org/v0/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-facebook-like-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b87726f0af1c92b64c814035484fadcf5255633fe70f92ca1dfe27e7f9b0c47
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6680
x-xss-protection
0
server
sffe
etag
"f9f168cacc8fa7be"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4a0ee9d98bebc7f0b92077dcb305255986e2d3d9c7c637cc27fe30a9cc16e4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9653
x-xss-protection
0
server
sffe
etag
"b8341fece51e0c2b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e5ed3ef639d036d58879b75f85fec2c499fd525b2b6687e1067f353412702e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
server
sffe
etag
"78f0297a52694948"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-access-0.1.js
cdn.ampproject.org/v0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-access-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47077ba9efd44fcc4ce4d88b987afc6a426965cdbeab498336fc41ab4ac22102
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17074
x-xss-protection
0
server
sffe
etag
"99704ea63f82b6a3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-access-scroll-0.1.js
cdn.ampproject.org/v0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-access-scroll-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecbceea0f32fef0dc3424a87ea200e53e30868d34f69e9bc79203a96087d912a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6867
x-xss-protection
0
server
sffe
etag
"db6660fd003007cf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-video-docking-0.1.js
cdn.ampproject.org/v0/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-docking-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ba1f70b2dac1bc0b1ab20ed5e1e751d4fbf7e2833cefa1423985ce569bef16
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10590
x-xss-protection
0
server
sffe
etag
"8796b8aae602b123"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
amp-video-iframe-0.1.js
cdn.ampproject.org/v0/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-iframe-0.1.js
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041c4908e344770272cff2a3a434f869b6baf9f92428360c4f886133671bbd29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11443
x-xss-protection
0
server
sffe
etag
"b894f073b8d6bde7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:31 GMT
1634878852_rootkit_(source-_sophos)_medium.jpg
cdn.neowin.com/news/images/uploaded/2021/10/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2021/10/1634878852_rootkit_(source-_sophos)_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e89bd0a9184e35fc41c32e197b1e80299cb06b5e0d6a182c434176355378789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 17:57:05 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Fri, 22 Oct 2021 05:00:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
4308147
etag
"fe339a028a6f5f91fc9126806a47896c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
24357
x-amz-cf-id
bGtEfuQZJyQ5kCq-tuIobt4bmUc1ONvwjCBNFIIxRxmRGmx1vVFwEA==
1662982847_1662982214_windows_11_black_medium.jpg
cdn.neowin.com/news/images/uploaded/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2022/09/1662982847_1662982214_windows_11_black_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80701cdb6dc9824fe06f15182621b71af9e975bcd2799f6284e8b85e4e92360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:49:53 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Mon, 12 Sep 2022 11:40:53 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2314179
etag
"ada408cf5eb06ab2c3ce2d386ff14253"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10093
x-amz-cf-id
ZuCFQ6kCEydlsFQsvZSWxL4XmllcY_kTRcftqwRgICXF5P9OnTM9hg==
1656398397_microsoft_defender_bug_2_(sayan_s)_medium.jpg
cdn.neowin.com/news/images/uploaded/2022/06/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2022/06/1656398397_microsoft_defender_bug_2_(sayan_s)_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71dc5192416e41a43afd76b07263f9506da5fa33ddb46ef6246d3cccf38a1081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 12:25:04 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 06:40:01 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
9857668
etag
"18fdc222ee204ba576e71d332c1a3b51"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
7618
x-amz-cf-id
zmaJIPu7aRMF0zX7UbHYfOodkqnnnKUdjHnxLJ4Ogi-7klATzbA6vw==
1604087773_windows_vulnerabiliy_3_medium.jpg
cdn.neowin.com/news/images/uploaded/2020/10/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2020/10/1604087773_windows_vulnerabiliy_3_medium.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96e5cc038161b058ed607683a633b5590a8bd1a5752c1249a60880ab33964bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 27 May 2023 23:31:11 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Fri, 30 Oct 2020 19:56:18 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1436901
etag
"3715acfe28926a49a8501fa5cf02910c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10378
x-amz-cf-id
c4DabpumsB8-g1HCKwi8SsKKlNvRFkj03UIkFe-onTbvVpin8ka0kA==
sprite.png
cdn.neowin.com/news/images/orion/
Redirect Chain
  • https://www.neowin.net/images/orion/sprite.png
  • https://cdn.neowin.com/news/images/orion/sprite.png
105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/orion/sprite.png
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16766a16e3726e365dc22993ee507029d7c92a94f7e5aaf7a7e29c179d51c1e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:56:54 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 14:56:31 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1899758
etag
"28928b0c6d4a6b3893008a0d54b81989"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
107596
x-amz-cf-id
JJcGm-hlnKxsUIyi7qp2xlYbKPH6By3JT-DWXKLFIz4SX9z4uQvwQg==

Redirect headers

date
Tue, 13 Jun 2023 14:39:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
x-server-name
web4.rdg.neow.in
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://cdn.neowin.com/news/images/orion/sprite.png
content-length
162
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.neowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 00:21:44 GMT
x-content-type-options
nosniff
age
310667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 00:21:44 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
1647998187_49guqu_(16)_story.jpg
cdn.neowin.com/news/images/uploaded/2022/03/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2022/03/1647998187_49guqu_(16)_story.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5eb3b933b97e2fb2e77d4563513d3c5e8c5f3677bbc4f29e1a7269e15f181c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:38:59 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 01:16:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1058433
etag
"56fac9dcf8a276ef70541f9998d08ec0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
41877
x-amz-cf-id
UBKWxVjRUbMGxY4OljVXDle9VL_5uL9Tvpp_ItoBnMbKNKkbG7rA3w==
1685607113_crowdstrike_falcon_still_running.jpg
cdn.neowin.com/news/images/uploaded/2023/06/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2023/06/1685607113_crowdstrike_falcon_still_running.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40a30038a786c8bf76f96eec0fed12e293ad60d8b3802880228503dd2d00979a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:46:00 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 08:11:56 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1058011
etag
"6dce57e7bbcb89152f6c54e44db1ff37"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
125735
x-amz-cf-id
rVhLQUiBuAaag8HoMeLnO9Ez3MI5NqN6IiaTdNdqzmi6HklmZmvHeA==
1685607107_crowdstrike_falcon_disabled.jpg
cdn.neowin.com/news/images/uploaded/2023/06/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2023/06/1685607107_crowdstrike_falcon_disabled.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
903b97abff52db253413c42b8c07202263e2520ecdb90140e318efca85971db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:46:00 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 08:11:50 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1058012
etag
"0b3bb3cdf41c385df2fa21265aaa4775"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
191215
x-amz-cf-id
5KCuc1ku-DKYOyo6EK458lhqa3CIbMf0f7Ph7NrBLEZ7R_fzrtIQQA==
1685612544_windows_logos_small.jpg
cdn.neowin.com/news/images/uploaded/2023/06/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2023/06/1685612544_windows_logos_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d38f35b5f692018987665b84f8ed77336e37708ed06a6bdfcbfc332390de4528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 09:55:35 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 09:42:30 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1053837
etag
"6daeb3fd493dc91c0147ac704aa521b3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2469
x-amz-cf-id
LknftJe8f3lvfk_i8CqtPP-mea2wMdTrYpZ4x-Ng8U3s_98V5n4wzA==
1685606829_browsers_small.jpg
cdn.neowin.com/news/images/uploaded/2023/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.neowin.com/news/images/uploaded/2023/06/1685606829_browsers_small.jpg
Requested by
Host: www.neowin.net
URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:0:89cb:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c26c960d512572eebfe1835081d310b0246527c11002b3dcefbc1a071e3b17d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:10:35 GMT
via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 08:07:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1060137
etag
"5e3bea33c3e03b2545f98d90b0a7e69b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
4073
x-amz-cf-id
S5mxIqwsSYBKdJ7ll2wqMYueJYyJwB8kLYD52dhUB0Eq8_Vf6DSAyA==
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012305252018001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df016b35ff09d1a2046c403d35dc8fa2e4cca755dd9a38f002bfd7f476c69675
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
Origin
https://www.neowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 19:48:59 GMT
age
586232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2979
x-xss-protection
0
server
sffe
etag
"42bc85b111d44f80"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:48:59 GMT
/
t13.neowin.net/wrapper/tcfv2/v1/amp-v2/ 		73 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t13.neowin.net/wrapper/tcfv2/v1/amp-v2/?authId=amp-9McXaTeJESKCAyYb0g85QA&__amp_source_origin=https%3A%2F%2Fwww.neowin.net
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-120.muc50.r.cloudfront.net
Software
/ Express
Resource Hash
33066c3870b09478cc08461aaacb2159ebc51c79872440690b44570db9634bb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.neowin.net
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
73
x-amz-cf-id
-n0tHRit45TB0I6EpiIX0X5tJVnBp1DCBVizsjRT4sLHszspGZGv8Q==
access
connect.scroll.com/amp/ 		0
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
750ea022808422eb344d4b74e7ee520bec855e2ab90608f670b25baec3a324cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:32 GMT
content-md5
DghwUIyv29weRW2uH0EOBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
E+tJXNAs9vDgQWpUoH22KPiNYkFTc1RHL/E+itHfoVS/0fZf+t4XKk6pA9XoV/3+7my44IzwpTVLz5S1hHK+tw==
x-fb-trip-id
1679558926
x-fb-content-md5
94dda5484879c6bcd5de57e3098773b1
cross-origin-opener-policy
same-origin-allow-popups
etag
"53ea74855eaa93781dd0d75ef38936b1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 13 Jun 2023 14:44:36 GMT
frame.html
d-11708425892611158967.ampproject.net/2305252018001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-11708425892611158967.ampproject.net/2305252018001/frame.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
facebook.js
3p.ampproject.net/2305252018001/vendor/ 		29 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://3p.ampproject.net/2305252018001/vendor/facebook.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d331bde235f3ff29b014c2bea356c04acf524f0c4960a78a459e8a379dcb0391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
585812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9346
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 21:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:56:00 GMT
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		595 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012305252018001/v0/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018001/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6859b96679a89138528a63dea75f9c22350bb75efd51f4d2275cedf1fdee094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
Origin
https://www.neowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 19:49:00 GMT
age
586231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64380
x-xss-protection
0
server
sffe
etag
"dec0fcfd01c9569b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:49:00 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012305252018001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83f68ded7ff0d910987e6155a269c3f32d2b4bb81b1e11b8360ca5724a034e9a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
Origin
https://www.neowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 19:48:59 GMT
age
586232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"0240120f64aa6df5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:48:59 GMT
api
r.skimresources.com/ 		149 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api?data={%22pubcode%22:%222728X590260%22,%22page%22:%22%22,%22domains%22:[%22cve.mitre.org%22,%22virustotal.com%22,%22cdn.neowin.com%22,%22reddit.com%22,%22%22]}
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
fee9be9b9382d9f47fc9241f36f7c81333ff315595dce15cfbd1bce88351eb74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.neowin.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
frame.html
d-11708425892611158967.ampproject.net/2305252018001/ Frame 2E9B 		507 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d-11708425892611158967.ampproject.net/2305252018001/frame.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-facebook-like-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c8ea97a6e509de6a7d37457efb443bcd14bec9428b5e0ad081582d2fc35e02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
214
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 14:39:32 GMT
expires
Wed, 12 Jun 2024 14:39:32 GMT
last-modified
Mon, 05 Jun 2023 21:28:00 GMT
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
videoIframe.php
live.primis-amp.tech/content/video/amp/ Frame 56EA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis-amp.tech/content/video/amp/videoIframe.php?s=114444&schain=1.0,1!freestar.com,1151,1
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-video-iframe-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dfddde93c628b2ab3ce0a6c2f8b1324a21778ab1d02b893947fac9015b49123e

Request headers

Referer
https://www.neowin.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 14:39:31 GMT
server
nginx
vary
Accept-Encoding
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-id
CETDQE1aw6P4rTTSyN1NCAgyZWjIs3uiGII9938fa9YIHgxRfq_-lw==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/rtv/012305252018001/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018001/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c8c532f446997928cf92434a605b1db3d708527762ccd782cb266a60e87b566
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.neowin.net/
Origin
https://www.neowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 19:49:00 GMT
age
586232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19088
x-xss-protection
0
server
sffe
etag
"6aab46dbaa4e6c55"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:49:00 GMT
facebook.js
3p.ampproject.net/2305252018001/vendor/ Frame 2E9B 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3p.ampproject.net/2305252018001/vendor/facebook.js
Requested by
Host: d-11708425892611158967.ampproject.net
URL: https://d-11708425892611158967.ampproject.net/2305252018001/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d331bde235f3ff29b014c2bea356c04acf524f0c4960a78a459e8a379dcb0391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d-11708425892611158967.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
585812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9346
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 21:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:56:00 GMT
track.php
t.skimresources.com/api/ 		22 B
439 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/track.php?data=%7B%22slc%22%3A0%2C%22jsl%22%3A0%2C%22pref%22%3A%22https%3A%2F%2Fwww-neowin-net.cdn.ampproject.org%2F%22%2C%22uc%22%3Anull%2C%22t%22%3A1%2C%22pub%22%3A%222728X590260%22%2C%22pag%22%3A%22https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F%22%2C%22guid%22%3Anull%2C%22uuid%22%3A%221e96278dda577e4a875f1295c16d31b6%22%2C%22tz%22%3A%220%22%2C%22jv%22%3A%22amp%401.0.3%22%7D
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:32 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.neowin.net
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
t13.neowin.net/amp/ Frame 02D6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t13.neowin.net/amp/index.html?authId=amp-9McXaTeJESKCAyYb0g85QA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-consent-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63b114cf855f78413b765bc2e94cd3725c9c313c1bb63e488223372c59462f15

Request headers

Referer
https://www.neowin.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
586
content-encoding
gzip
content-type
text/html
date
Tue, 13 Jun 2023 14:31:07 GMT
etag
W/"0a48f80e0d566db05978015f184f49be"
last-modified
Thu, 02 Feb 2023 15:53:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
x-amz-cf-id
YPhUzyVBaWrI_vjUYc-HIFu2XUdTm1TpsYSPMjD3BWp4Dn6LyRr9jQ==
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sdk.js
connect.facebook.net/en_US/ Frame 2E9B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2305252018001/vendor/facebook.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
750ea022808422eb344d4b74e7ee520bec855e2ab90608f670b25baec3a324cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d-11708425892611158967.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:32 GMT
content-md5
DghwUIyv29weRW2uH0EOBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
E+tJXNAs9vDgQWpUoH22KPiNYkFTc1RHL/E+itHfoVS/0fZf+t4XKk6pA9XoV/3+7my44IzwpTVLz5S1hHK+tw==
x-fb-trip-id
1679558926
x-fb-content-md5
94dda5484879c6bcd5de57e3098773b1
cross-origin-opener-policy
same-origin-allow-popups
etag
"53ea74855eaa93781dd0d75ef38936b1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 13 Jun 2023 14:44:36 GMT
video-iframe-integration-v0.js
cdn.ampproject.org/ Frame 56EA 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/video-iframe-integration-v0.js
Requested by
Host: live.primis-amp.tech
URL: https://live.primis-amp.tech/content/video/amp/videoIframe.php?s=114444&schain=1.0,1!freestar.com,1151,1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a700b5954ac790b985c59fa0757832f3886a90aef4899a3e459b57cd57690232
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2135
x-xss-protection
0
server
sffe
etag
"a3683ca237f8aa5b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Jun 2023 14:39:32 GMT
sourcepoint_amp.js
t13.neowin.net/amp/dist/ Frame 02D6 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t13.neowin.net/amp/dist/sourcepoint_amp.js
Requested by
Host: t13.neowin.net
URL: https://t13.neowin.net/amp/index.html?authId=amp-9McXaTeJESKCAyYb0g85QA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e4aeffb346c619d09d4ef2275d63674e7e86ef3a730f884e732daef749c7fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t13.neowin.net/amp/index.html?authId=amp-9McXaTeJESKCAyYb0g85QA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:31:08 GMT
content-encoding
gzip
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
last-modified
Thu, 02 Feb 2023 15:53:51 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
582
x-amz-server-side-encryption
AES256
etag
W/"82c81cff2a96048af0bcfc183ee53a00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CBqAphQ4JP-BWJ8QBgjI5ZPURR1_dAbRorMduhfSGOekQjZHmD6NTQ==
ccpa.js
ccpa.sp-prod.net/ Frame 02D6 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.sp-prod.net/ccpa.js
Requested by
Host: t13.neowin.net
URL: https://t13.neowin.net/amp/index.html?authId=amp-9McXaTeJESKCAyYb0g85QA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-71.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2314c48342ad7cc6027df1d72315ab46e781cb118d08127f7d658bb06b9f213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t13.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:20:24 GMT
content-encoding
gzip
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 16:12:40 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
1149
etag
W/"03d1c1f6642064c8fc51daa6d457d3dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
FKDGCBci-yEz3MTDIy916yjyRBcURmX3G_9aLu2HHlkxOeUU9G8BwQ==
sdk.js
connect.facebook.net/en_US/ Frame 2E9B 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8c0d3799bf247cff536c19c3c0c4e234
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
efdaaeab01ab030c7f3139087ed717aa8f8206c1631e42d9ba34416d0d3d6603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://d-11708425892611158967.ampproject.net/
Origin
https://d-11708425892611158967.ampproject.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 14:39:32 GMT
content-md5
YkhFNx2lOpdPS2u+b/0+bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88645
x-fb-rlafr
0
x-fb-debug
5z2P0uBEhsHIKDPoKkPC+RM+r/DPWkV37sV0UFhf8xWQSFNh/080olzwisV3o1ZQ4f7vpjSJCuZZEnY+J/+wow==
x-fb-content-md5
37e036ca543407c3765f2003953f48f9
cross-origin-opener-policy
same-origin-allow-popups
etag
"027f7afd3358b4e4678f432282c8e55a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 12 Jun 2024 12:05:33 GMT
liveView.php
live.primis.tech/live/ Frame 56EA 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1
Requested by
Host: live.primis-amp.tech
URL: https://live.primis-amp.tech/content/video/amp/videoIframe.php?s=114444&schain=1.0,1!freestar.com,1151,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8670fff7c6d1b952424f310ae1a126efdb1eedb1ca28230dd8c4f4b854a0d838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
CpqU94GZRxCErCW2k6FEEmZqWaDBT_sFQs_VdUkwSiApv5InmT-5wg==
wrapperMessagingWithoutDetection.js
gdpr-tcfv2.sp-prod.net/ Frame 02D6 		165 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by
Host: t13.neowin.net
URL: https://t13.neowin.net/amp/dist/sourcepoint_amp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-68.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c94b94122f7c7ef4c59a423df7b091fdb1f87f7a7bc844a32f8bf17c9d64c842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t13.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 14:07:08 GMT
last-modified
Wed, 17 May 2023 15:06:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
1946
x-amz-server-side-encryption
AES256
etag
W/"7281b172d3ea01bf02b7f54d4a18188d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
tAq1LWCP_caqbUBL8sWUj0dPJieETSGgSZx8OGQV6BQo_Lp9f2PKAQ==
liveView.php
live.primis.tech/live/ Frame CF8A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b5676c79e8a69e0db41d9a49778edc720953ca249ebff780ddec92975049d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
9JxxEDuIM_tbdn_jG_O_KjrTzhjFjOV1gEprPcj3_mlDRcrlDJTZwg==
like.php
www.facebook.com/v2.5/plugins/ Frame 8A22 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17808ca3e3172%26domain%3Dd-11708425892611158967.ampproject.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fd-11708425892611158967.ampproject.net%252Fff49f021329424%26relation%3Dparent.parent&color_scheme=light&container_width=90&href=https%3A%2F%2Fwww.facebook.com%2Fneowin&layout=button_count&locale=en_US&ref=&sdk=joey&share=true&show_faces=false&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8c0d3799bf247cff536c19c3c0c4e234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-11708425892611158967.ampproject.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 13 Jun 2023 14:39:32 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
eqLEXE9KQvAbFqeaR+SetZOrkWn2J4yI02cHLSgAwRhjHpSLJ5KLOjXFIccOJiD+o13OYU8l4sMCszxqAwQuTQ==
x-xss-protection
0
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame CF8A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
OgsPp9rvnjqI0gk3XK85EkOel-FlBqcNfpxQjiwHpjYe2Eyn8xXvlw==
expires
Wed, 12 Jun 2024 14:39:31 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame CF8A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
Ei93EeFTKx_ATlOOm90snwkVRidZpnfuFWySf-O80lTp1AYaVlDHOg==
expires
Wed, 12 Jun 2024 14:39:32 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame CF8A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
DWN6apowfM5geKnaL0_N5pTlBHk5ExqVDDzXBblda8lnYcQITQUdeA==
expires
Wed, 12 Jun 2024 14:39:31 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame CF8A 		258 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
YZRYuMVAaQ4Kv6crJAoDRmNpI46iAyKAVAKOV4BaZtGE8j_coLxZxA==
expires
Wed, 12 Jun 2024 14:39:32 GMT
prebidVid.7.16.0_9.min.js
live.primis.tech/content/prebid/ Frame CF8A 		515 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ff594557d15818d0407c52a3b2c3ea8e48e92b950211cfaa3e40e033a93cdd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 11:04:45 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"6446624d-80b63"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
GtTALZE9PR6UfJocBfnoEA8G_PqK7ezwhOwbVsyw_axOE87LH-ffMA==
expires
Wed, 12 Jun 2024 14:39:32 GMT
liveVideo.php
live.primis.tech/live/ Frame CF8A 		599 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D31335F31377D7B7331373235363730347D7B4335377D7B53643364334C6D356C62336470626935755A58513D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1151%2C1&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=1&tagKeywords=&cbuster=1686667172&csuuid=64887fa43d4f4&debugInfo=17256704_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256704&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed35d1xmiltjnr&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&s=114444&schain=1.0,1!freestar.com,1151,1&cbuster=271449191&isAmpIframe=1&cbuster=1686667172&pubUrlAuto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
95764a42a9239eb2e73bbaa0b9d6c44e7dc220fc4d6a6b2deded61539ab658f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
1awTWvEpBU_4zQGvBP2hTVY2ryLgAPurjdzLj2W0W5jaIsWqiNB2AA==
consent-status
cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/26424/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/26424/consent-status?hasCsp=true&authId=amp-9McXaTeJESKCAyYb0g85QA&accountId=1638&withSiteActions=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://t13.neowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
allow
GET,HEAD
cache-control
no-cache
content-length
8
content-type
text/html; charset=utf-8
date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-id
MEFnpfXAF5pRbd-2CfbWdc2LGsBMGdhSQO7w__bTeftxskmLkXRr9A==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
consent-status
cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/26424/ Frame 02D6 		23 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/26424/consent-status?hasCsp=true&authId=amp-9McXaTeJESKCAyYb0g85QA&accountId=1638&withSiteActions=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
9b8606089ab750746a2fe73e0851a50f6ae0efa61eeac75b92fbae8f4d407d1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://t13.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
WgRbsrPy8jrqO4M59X4HW1R3zhGPUfBwGmOZOaurdD-w3aWUQUPRIQ==
latest-version
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 02D6 		206 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=26424&accountId=1638&hasCsp=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
ce042a67b6fa330823409492ba841d6b3ad88cc0e94f32a2469d35c4d5b200c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://t13.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
206
x-amz-cf-id
kOgU6oomvURUlvhrDhYi-_AEI2ppUHFdYNKc0yQ_38e9cp5G8awqyg==
latest-version
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=26424&accountId=1638&hasCsp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://t13.neowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=0, s-maxage=600
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-id
oXZ65al32BeAkQtP4kxz8M-z2izGCGmv3WZk_ipMXtYYUZq-Wvn2FA==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
googleanalytics.json
cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 19:49:00 GMT
age
586232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"015fb89b8820ac6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 05 Jun 2024 19:49:00 GMT
primisslate.css
live.primis.tech/content/video/css/ Frame 56EA 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D31335F31377D7B7331373235363730347D7B4335377D7B53643364334C6D356C62336470626935755A58513D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1151%2C1&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=1&tagKeywords=&cbuster=1686667172&csuuid=64887fa43d4f4&debugInfo=17256704_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256704&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed35d1xmiltjnr&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:39:31 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"647db3ea-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
HXMY7XMKylGsBbRN1M3vS0sHdMblwQDGWRAxtyBny4cKxC1fy8ZHFA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame CF8A 		235 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D31335F31377D7B7331373235363730347D7B4335377D7B53643364334C6D356C62336470626935755A58513D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1151%2C1&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=1&tagKeywords=&cbuster=1686667172&csuuid=64887fa43d4f4&debugInfo=17256704_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256704&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed35d1xmiltjnr&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:06:36 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 19:47:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1977
x-amz-server-side-encryption
AES256
etag
W/"22e740da4e2336def33bbd74ea6796a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
4vScBnD57Yx9wTCPNxHxDMWU77GkyFNC9Ek4XGC10uvsVEKW0PKsyw==
css
fonts.googleapis.com/ Frame 56EA 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D31335F31377D7B7331373235363730347D7B4335377D7B53643364334C6D356C62336470626935755A58513D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1151%2C1&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=1&tagKeywords=&cbuster=1686667172&csuuid=64887fa43d4f4&debugInfo=17256704_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256704&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed35d1xmiltjnr&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 14:32:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jun 2023 14:39:32 GMT
liveView.php
live.primis.tech/live/ Frame CF8A 		63 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ0ODUyMxZ2nWRyo181YwNwNmJuOTI5NwRzNmE5OTY0MmA4JTJGqzyxNwA1MWUmNzU4MTRzYTM4MTp5OTE5Ml5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRRNE5TOTJuV1JfYwE4MVydTzcOrxcbT1RJNU5dUz1OrxU1T1RZME16QTRMM1cjWxRZq05URzkNrycfT0RFMFcgRXcPREUmT1RerE9UTXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzplTzcBrx5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EWTNPVGp1TzcBS2ZRLyBLNwxlOHZcZmusS0RGo1plOU5HV3quYUZMMDZaRWkaWXNBQWqjOFYmVDQzqzyxX2NioaRyoaRsnWQ9MTQkNTMjMCZ2nWRsY29hqGVhqF9xZXNwPUcuoWyyK1qynSgIqWFhZlgGVmIkK0NioGkyY3Rco24eZaJioSgMRypzqzyxX2NioaRyoaRsqGy0oGU9SzFgnWUeV2VcK0u1YW5aK0ZXMwEeQ29foGVwqGyiovgzpz9gK0kGVlZ2nWRsY29hqGVhqF9xqXJuqGyiow00MmYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTM3NmpzrD02NDAzrT00NDAzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3Lz5yo3qcov5hZXQyMxZuoXAyMxZwpz93ZHN0pzyeZS1xZXRunWkmLXNjrWJirS10ZXJgnW5uqG9lLXNunWQgqG8gn2yfoC1gnWNlo3NiZaQgZGVzZW5xZXIgYXZup3QgYW5xLW1ipzUgZWRlplUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMTMmNUYmMTM3N0Q3QwpmMmEmNmMlMmUmNwM3MmAmNDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQmNTZDNwImMmY0NmA2MwY5MmU3NTVBNTt1MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmQmMDqEN0I1OTM0MmQmMDqEN0I2NwMkN0Q3QwRDMmpmNmM0Mmt3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3Lz5yo3qcov5hZXQyMxZuoXAyMxZwpz93ZHN0pzyeZS1xZXRunWkmLXNjrWJirS10ZXJgnW5uqG9lLXNunWQgqG8gn2yfoC1gnWNlo3NiZaQgZGVzZW5xZXIgYXZup3QgYW5xLW1ipzUgZWRlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MwAjMSUmQTFvNwAyM0ElJTNBMwQjJTNBMmI0NlUmQSUmQTtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmEkNTEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NDt4N2ZuNDNxNGY0JzNvqXN0ZXI9MTY4NwY2NmE3MwQ2MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D31335F31377D7B7331373235363730347D7B4335377D7B53643364334C6D356C62336470626935755A58513D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1151%2C1&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=1&tagKeywords=&cbuster=1686667172&csuuid=64887fa43d4f4&debugInfo=17256704_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256704&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed35d1xmiltjnr&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4a658952a789cb8665d43d6369f6593a855d941b5356db650d1c18f9c2604502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://live.primis-amp.tech
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
8694
x-amz-cf-id
tjm3pvG2DhBoNzzW0zVMXXqv1cyma0codvvGxbHNRgLXyXaHZ-dArQ==
liveView.php
live.primis.tech/live/ Frame 56EA 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY4NwY2NmE3MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NDQ0JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5hZW93nW4hozV0JaN1YxyxPXq3ql5hZW93nW4hozV0JzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNwJEMmEmMmVGMmEmNmqEN0I3MmMkMmpmMwM1MmYmNmMjMmQ3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZEMmU2QmYlMmM2NDpjNwI2OTM1NmU1QTU4NTEmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmM3MmpmNDM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0E4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNC4jLwU3MmUhMTA2JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDt4N2ZuNDNxNGY0JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2ODY2NwpkNmI0NTAzqWyxPVNyn2yhZG9TUGkurWVlNwQ4ODqzYTQ0OWQ2MCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phozViq2yhLz5yqCUlRzFgpCUlRzNlo3qxp3RlnWgyLWRyqGFcoHMgp3B5Yz95LXRypz1cozF0o3Igp2FcZC10ol1enWkfLW1cY3Jip29zqC1xZWZyozRypv1uqzFmqC1uozQgoW9lZS1yZHJmJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
Evd9t5HA9Ve5N183JvaDbsiVXEd_XvvRtZZ6vNg_PUre8h4WoTTRrg==
vid6051e36e814fa381799193.jpg
video.primis.tech/uploads/cn25/video/users/converted/24485/video_5b3c72a92964f719964308/ Frame 56EA 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/24485/video_5b3c72a92964f719964308/vid6051e36e814fa381799193.jpg?cbuster=1615979379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3071e4f7e7c16d42916edf60a128ab0621070a5aec6f4b3f0c8fc4f8f9c8eef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Thu, 15 Jun 2023 14:39:32 GMT
date
Tue, 13 Jun 2023 14:39:32 GMT
via
1.1 224e30698a4d11b3a00300d7b851387a.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 18:06:47 GMT
server
Tengine
x-amz-cf-pop
DFW56-P2
etag
"01570cc075ca0e3afbdd52a90eaa65c7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
content-length
26538
x-amz-cf-id
EWfkkvu-KJRWmqj8d-Ply6mcU6qV6jJ7CPeQtE7uCikJeSimcHLL1g==
x-proxy-cache
EXPIRED
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=CrowdStrike%20details%20Spyboy%20Terminator%20said%20to%20kill%20Microsoft%20Defender%2C%20Avast%2C%20and%20more%20EDRs%20%7C...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7094499-1&cid=amp-n1PlGbvI6iSMFZZiygP8-w&jid=0.7242685204113544&_v=a1&z=0.7486881289016221
35 B
337 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7094499-1&cid=amp-n1PlGbvI6iSMFZZiygP8-w&jid=0.7242685204113544&_v=a1&z=0.7486881289016221
Protocol
H2
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.neowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Jun 2023 14:39:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:32 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7094499-1&cid=amp-n1PlGbvI6iSMFZZiygP8-w&jid=0.7242685204113544&_v=a1&z=0.7486881289016221
access-control-allow-origin
https://www.neowin.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
388
expires
Fri, 01 Jan 1990 00:00:00 GMT
new-user
cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A26424%2C%22accountId%22%3A1638%2C%22propertyHref%22%3A%22https%3A%2F%2Famp.neowin.net%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Ft13.neowin.net%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22hasConsentData%22%3Afalse%2C%22consentedToAll%22%3Afalse%2C%22consentedToAny%22%3Anull%2C%22rejectedAny%22%3Anull%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.7.0&scriptType=tcfv2&ch=395576297420214871550b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://t13.neowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=1200
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-id
25nv8SfTvdcrPhb28O7UoJ02HrUHdHalDSgHj29I4sw_XFzcZfurjg==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
x-powered-by
Express
new-user
cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 02D6 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A26424%2C%22accountId%22%3A1638%2C%22propertyHref%22%3A%22https%3A%2F%2Famp.neowin.net%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Ft13.neowin.net%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22hasConsentData%22%3Afalse%2C%22consentedToAll%22%3Afalse%2C%22consentedToAny%22%3Anull%2C%22rejectedAny%22%3Anull%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.7.0&scriptType=tcfv2&ch=395576297420214871550b
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/ Express
Resource Hash
fe0090a939492c4e49c518bc2f5b9bc74fc6fee0342faf03e615d0effbe1801f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://t13.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
Lx725iVL8l1YChdW5s4khdzQP0YytPxSHMNu33_234naJdfL8n1ghg==
liveInternalSsp.php
live.primis.tech/live/ Frame CF8A 		25 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://live.primis-amp.tech
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
eGftBtHiRiRT20fguWDi-yAsV9h316DoFwCVbjlbu40YwSBVNayqQA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CF8A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.primis-amp.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 01:36:12 GMT
x-amz-cf-pop
FRA56-P6
age
47001
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
OV0dVTq3SJfbbguKhRFBRJqP9E1r30P7Z1XS4bL-YncKXRBgxw5tEw==
pv-data
cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=395576297420214871550b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://t13.neowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
allow
POST
cache-control
no-cache
content-length
4
content-type
text/html; charset=utf-8
date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-id
cgfzLTa_B5TaUa30S_xWs8JaMivGQgCvzmX9O_ejZwmkxGZuSCYaEw==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
pv-data
cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 02D6 		677 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=395576297420214871550b
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
/
Resource Hash
57a7b3cd7a78879b09cb572a8c7cd358cbd8990c2a18ad85c41001e333907238
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://t13.neowin.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Jun 2023 14:39:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
677
x-amz-cf-id
7o69qDFg5_SwbPTvIIAF7MO37s1LzkBQCWrLJDGjpERZDb_sx16cww==
index.html
cdn.privacy-mgmt.com/ Frame 75BB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20c582bceb348344872811c400dea6c6f2f8cb7e5c547a9a41d8a072d4c5f08d

Request headers

Referer
https://t13.neowin.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2261
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 13 Jun 2023 14:01:52 GMT
etag
W/"b57a49c6d1351d4b6b39db136aa097c0"
last-modified
Thu, 27 Apr 2023 16:59:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-amz-cf-id
QUqN0xhk7GimE_3JjW_YwUOW7mARYffsOPU0U0MGc77zVY4B00Zfew==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Notice.4bddf.css
cdn.privacy-mgmt.com/ Frame 75BB 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.4bddf.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
178927b65afb5ad2b16ff8268ad6e840ff2d8b6dea202db85ff7ad493c5e81b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:06:19 GMT
content-encoding
gzip
via
1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:59:02 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1994
x-amz-server-side-encryption
AES256
etag
W/"f960b2583e693a21fa5e7dd0ca15ac17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
p9WgM4XlNshfrcCl31wiTLg3oYLEl6TdZEusW9FhH538OpwGEx-xqQ==
polyfills.d36c5.js
cdn.privacy-mgmt.com/ Frame 75BB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 13:53:49 GMT
content-encoding
gzip
via
1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:59:03 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2744
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
tRsJI7qrTXYKsF8V3qGW5L_z-0dUvvKbVXsJZsWQ8zrenM8h35ANGg==
Notice.89bd8.js
cdn.privacy-mgmt.com/ Frame 75BB 		263 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.89bd8.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-25.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d812930726ce29dd3b9d1dae01e74e4f383a19c49526e11a484a7cc8a50ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=654018&consentUUID=2db32567-efc7-4339-bff4-11b5f0a4aa5b&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Ft13.neowin.net%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:16:24 GMT
content-encoding
gzip
via
1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:59:02 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
1389
x-amz-server-side-encryption
AES256
etag
W/"aad96c90f00a37f6b24220c104d0ff2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
85cxcRbi-vrdZdQnY06fp5PAxbcGO8yftNB0FVaVCVleTb874vZjwQ==
css
fonts.googleapis.com/ Frame 75BB 		9 KB
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Jun 2023 14:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 12:52:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jun 2023 14:39:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 75BB 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cdn.privacy-mgmt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 00:21:44 GMT
x-content-type-options
nosniff
age
310668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 00:21:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 56EA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live.primis-amp.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:30:27 GMT
x-content-type-options
nosniff
age
299346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 03:30:27 GMT
envelope
lexicon.33across.com/v1/ Frame CF8A 		0
0
prebid
id5-sync.com/api/config/ Frame CF8A 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://live.primis-amp.tech
date
Tue, 13 Jun 2023 14:39:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame CF8A 		44 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Jun 2023 14:39:33 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://live.primis-amp.tech
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ Frame CF8A 		43 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.67.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-67-140.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 14:39:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://live.primis-amp.tech
cache-control
no-cache
x-server
10.45.30.129
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame CF8A 		63 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
45476c8c5a3d0495b9d49dcab140529d053da07f8c940f11d7c185d98ee53dd5

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Jun 2023 14:39:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://live.primis-amp.tech
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 13 Jul 2023 14:39:33 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame CF8A 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
5ee783ad9bc58e3c94777567cbc476b72ee634694a8e4c1b352bdc2188c1e310
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://live.primis-amp.tech
date
Tue, 13 Jun 2023 14:39:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pingback
connect.scroll.com/amp/ 		0
0
212.json
id5-sync.com/g/v2/ Frame CF8A 		241 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
5ca8bc66974dd2e82cefe34b0b0f661c9762db6f0cafc5cb583b010b65abbaea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://live.primis-amp.tech/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://live.primis-amp.tech
date
Tue, 13 Jun 2023 14:39:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect.scroll.com
URL
https://connect.scroll.com/amp/access?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&x=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002l61KYAAY&gdpr=0
Domain
connect.scroll.com
URL
https://connect.scroll.com/amp/pingback?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&r=https%3A%2F%2Fwww-neowin-net.cdn.ampproject.org%2F&x=&d=&v=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| listeningFors object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom object| __AMP_AUTOPLAY

10 Cookies

Domain/Path Name / Value
www.neowin.net/ Name: ips4_IPSSessionFront
Value: gsn700i93lq9om6v8945dairtg
.neowin.net/ Name: viewData
Value: H4sIAAAAAAAAA4tWMjI2NTawVIoFALxN1YsKAAAA
.neowin.net/ Name: AMP-CONSENT
Value: amp-9McXaTeJESKCAyYb0g85QA
.neowin.net/ Name: amp-access
Value: amp-5GL_Ix_v3NmipTpgYYRWsg
.neowin.net/ Name: scroll1
Value: amp-7MQ7On2P1ZGJZm0k8D1S1g
.neowin.net/ Name: _ga
Value: amp-n1PlGbvI6iSMFZZiygP8-w
t13.neowin.net/ Name: consentUUID
Value: 2db32567-efc7-4339-bff4-11b5f0a4aa5b
t13.neowin.net/ Name: _sp_v1_uid
Value: 1:534:949d967d-6f0b-4787-8374-079e43916efb
t13.neowin.net/ Name: _sp_v1_data
Value: 2:494804:1686667172:0:1:0:1:0:0:_:-1
t13.neowin.net/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKBjLyQAyD2lidGKVUEDOvNCcHyC4BK6iurVWKBQAW54XRMAAAAA%3D%3D

5 Console Messages

Source Level URL
Text
javascript error URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Message:
Access to fetch at 'https://connect.scroll.com/amp/access?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&x=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net' from origin 'https://www.neowin.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://connect.scroll.com/amp/access?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&x=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.neowin.net/amp/crowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs/
Message:
Access to fetch at 'https://connect.scroll.com/amp/pingback?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&r=https%3A%2F%2Fwww-neowin-net.cdn.ampproject.org%2F&x=&d=&v=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net' from origin 'https://www.neowin.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://connect.scroll.com/amp/pingback?rid=amp-5GL_Ix_v3NmipTpgYYRWsg&cid=amp-7MQ7On2P1ZGJZm0k8D1S1g&c=https%3A%2F%2Fwww.neowin.net%2Fnews%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&o=https%3A%2F%2Fwww.neowin.net%2Famp%2Fcrowdstrike-details-spyboy-terminator-said-to-kill-microsoft-defender-avast-and-more-edrs%2F&r=https%3A%2F%2Fwww-neowin-net.cdn.ampproject.org%2F&x=&d=&v=&p=1.2&__amp_source_origin=https%3A%2F%2Fwww.neowin.net
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3p.ampproject.net
api.rlcdn.com
c.amazon-adsystem.com
ccpa.sp-prod.net
cdn.ampproject.org
cdn.neowin.com
cdn.privacy-mgmt.com
connect.facebook.net
connect.scroll.com
d-11708425892611158967.ampproject.net
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
id.crwdcntrl.net
id5-sync.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis-amp.tech
live.primis.tech
match.adsrvr.org
r.skimresources.com
stats.g.doubleclick.net
t.skimresources.com
t13.neowin.net
video.primis.tech
www-neowin-net.cdn.ampproject.org
www.facebook.com
www.google-analytics.com
www.neowin.net
connect.scroll.com
lexicon.33across.com
108.138.1.25
162.19.138.82
18.66.192.25
212.115.110.216
2600:9000:225b:7800:0:89cb:5240:93a1
2600:9000:236e:c400:1a:5235:f980:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c0a::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.33.220.150
34.120.133.55
35.190.59.101
35.201.67.47
5.10.17.165
63.32.67.140
99.84.88.120
99.84.88.68
99.84.88.71
041c4908e344770272cff2a3a434f869b6baf9f92428360c4f886133671bbd29
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ed1f166939bdd2358e771b548ee2be36d1850979732c1485373ad4f562dc8bc
14070f7ff7f35a3841786de9ddeada9051af1f34d454ee299ef6c1a34ea97146
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
16766a16e3726e365dc22993ee507029d7c92a94f7e5aaf7a7e29c179d51c1e1
178927b65afb5ad2b16ff8268ad6e840ff2d8b6dea202db85ff7ad493c5e81b4
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
20c582bceb348344872811c400dea6c6f2f8cb7e5c547a9a41d8a072d4c5f08d
2254976bba5b90609720c29fcf13bd161708599fa80c7bc0235fdd65d8a08ff6
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
3071e4f7e7c16d42916edf60a128ab0621070a5aec6f4b3f0c8fc4f8f9c8eef3
33066c3870b09478cc08461aaacb2159ebc51c79872440690b44570db9634bb7
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
40a30038a786c8bf76f96eec0fed12e293ad60d8b3802880228503dd2d00979a
45476c8c5a3d0495b9d49dcab140529d053da07f8c940f11d7c185d98ee53dd5
47077ba9efd44fcc4ce4d88b987afc6a426965cdbeab498336fc41ab4ac22102
4a658952a789cb8665d43d6369f6593a855d941b5356db650d1c18f9c2604502
4c26c960d512572eebfe1835081d310b0246527c11002b3dcefbc1a071e3b17d
4c8c532f446997928cf92434a605b1db3d708527762ccd782cb266a60e87b566
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
57a7b3cd7a78879b09cb572a8c7cd358cbd8990c2a18ad85c41001e333907238
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5ca8bc66974dd2e82cefe34b0b0f661c9762db6f0cafc5cb583b010b65abbaea
5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2
5ee783ad9bc58e3c94777567cbc476b72ee634694a8e4c1b352bdc2188c1e310
63b114cf855f78413b765bc2e94cd3725c9c313c1bb63e488223372c59462f15
666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5
6b87726f0af1c92b64c814035484fadcf5255633fe70f92ca1dfe27e7f9b0c47
6e4aeffb346c619d09d4ef2275d63674e7e86ef3a730f884e732daef749c7fdb
70562640a5faa0735554738e5b62b97428b04ca2b25b873cc07ca648e481ce67
71dc5192416e41a43afd76b07263f9506da5fa33ddb46ef6246d3cccf38a1081
750ea022808422eb344d4b74e7ee520bec855e2ab90608f670b25baec3a324cb
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c8ea97a6e509de6a7d37457efb443bcd14bec9428b5e0ad081582d2fc35e02a
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f68ded7ff0d910987e6155a269c3f32d2b4bb81b1e11b8360ca5724a034e9a
84ba1f70b2dac1bc0b1ab20ed5e1e751d4fbf7e2833cefa1423985ce569bef16
8670fff7c6d1b952424f310ae1a126efdb1eedb1ca28230dd8c4f4b854a0d838
8e5ed3ef639d036d58879b75f85fec2c499fd525b2b6687e1067f353412702e6
8ff594557d15818d0407c52a3b2c3ea8e48e92b950211cfaa3e40e033a93cdd3
903b97abff52db253413c42b8c07202263e2520ecdb90140e318efca85971db6
95764a42a9239eb2e73bbaa0b9d6c44e7dc220fc4d6a6b2deded61539ab658f0
96954e380bbe2de7f022adf1a73efae2dc13baa11416a712547e7da4cf3b7027
96e5cc038161b058ed607683a633b5590a8bd1a5752c1249a60880ab33964bb5
9b5676c79e8a69e0db41d9a49778edc720953ca249ebff780ddec92975049d53
9b8606089ab750746a2fe73e0851a50f6ae0efa61eeac75b92fbae8f4d407d1f
9e89bd0a9184e35fc41c32e197b1e80299cb06b5e0d6a182c434176355378789
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
a700b5954ac790b985c59fa0757832f3886a90aef4899a3e459b57cd57690232
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aca2b1b87519316e11f11736b66a474480f8c59e446531afdf950723b3174715
aefc0278fd83400e0bf9e9ea1c5d7fb988d00bcb67350b5363ce7a57116a1ec8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b2314c48342ad7cc6027df1d72315ab46e781cb118d08127f7d658bb06b9f213
ba326ca6c11fa29f34e8bb32b5e37508321283f4c0fa0dff772ba87077fe7acf
ba4a0ee9d98bebc7f0b92077dcb305255986e2d3d9c7c637cc27fe30a9cc16e4
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c6859b96679a89138528a63dea75f9c22350bb75efd51f4d2275cedf1fdee094
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c94b94122f7c7ef4c59a423df7b091fdb1f87f7a7bc844a32f8bf17c9d64c842
ce042a67b6fa330823409492ba841d6b3ad88cc0e94f32a2469d35c4d5b200c2
d331bde235f3ff29b014c2bea356c04acf524f0c4960a78a459e8a379dcb0391
d38f35b5f692018987665b84f8ed77336e37708ed06a6bdfcbfc332390de4528
d7355d4275a1af32dbfd8f9ad5aa992a95b1aa6ee1c653fb4ddae8cb920b48f5
d80701cdb6dc9824fe06f15182621b71af9e975bcd2799f6284e8b85e4e92360
d812930726ce29dd3b9d1dae01e74e4f383a19c49526e11a484a7cc8a50ec5aa
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
de41278b639e6af44f3621cb961e3cc315ea5185bd3f71f3b8746f8a6c23abb1
df016b35ff09d1a2046c403d35dc8fa2e4cca755dd9a38f002bfd7f476c69675
dfddde93c628b2ab3ce0a6c2f8b1324a21778ab1d02b893947fac9015b49123e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb3b933b97e2fb2e77d4563513d3c5e8c5f3677bbc4f29e1a7269e15f181c0
ecbceea0f32fef0dc3424a87ea200e53e30868d34f69e9bc79203a96087d912a
efdaaeab01ab030c7f3139087ed717aa8f8206c1631e42d9ba34416d0d3d6603
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe0090a939492c4e49c518bc2f5b9bc74fc6fee0342faf03e615d0effbe1801f
fee9be9b9382d9f47fc9241f36f7c81333ff315595dce15cfbd1bce88351eb74