Submitted URL: https://t.co/Pi2wAqOzDY?amp=1
Effective URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Submission: On February 20 via manual from FI

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 109 HTTP transactions. The main IP is 2a02:26f0:6c00:299::6545, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.mtpr.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 31st 2020. Valid for: 3 months.
This is the only time www.mtpr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.133 13414 (TWITTER)
25 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 143.204.202.20 16509 (AMAZON-02)
7 172.217.18.2 15169 (GOOGLE)
3 2600:9000:205... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 54.236.184.41 14618 (AMAZON-AES)
1 151.101.12.134 54113 (FASTLY)
1 34.195.95.63 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 208.92.53.141 13360 (TRITONDIG...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.128.134 54113 (FASTLY)
1 208.92.53.144 13360 (TRITONDIG...)
1 151.101.114.110 54113 (FASTLY)
2 162.247.242.19 23467 (NEWRELIC-...)
1 208.92.55.26 13360 (TRITONDIG...)
109 29
Domain Requested by
25 www.mtpr.org t.co
www.mtpr.org
10 www.google-analytics.com www.mtpr.org
stream.publicbroadcasting.net
www.google-analytics.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.mtpr.org
cdn.ampproject.org
tpc.googlesyndication.com
7 cdn.ampproject.org securepubads.g.doubleclick.net
7 fonts.gstatic.com www.mtpr.org
ajax.googleapis.com
7 securepubads.g.doubleclick.net www.googletagservices.com
www.mtpr.org
securepubads.g.doubleclick.net
6 widgets.listenlive.co www.mtpr.org
widgets.listenlive.co
5 c.disquscdn.com npr-kufm.disqus.com
4 pagead2.googlesyndication.com www.mtpr.org
3 stats.g.doubleclick.net www.mtpr.org
3 stream.publicbroadcasting.net www.mtpr.org
stream.publicbroadcasting.net
2 bam.nr-data.net js-agent.newrelic.com
www.mtpr.org
2 disqus.com npr-kufm.disqus.com
2 playerservices.live.streamtheworld.com 1 redirects www.mtpr.org
2 ajax.googleapis.com stream.publicbroadcasting.net
widgets.listenlive.co
2 fonts.googleapis.com www.mtpr.org
ajax.googleapis.com
1 np.tritondigital.com www.mtpr.org
1 js-agent.newrelic.com www.mtpr.org
1 yield-op-idsync.live.streamtheworld.com playerservices.live.streamtheworld.com
1 imasdk.googleapis.com sdk.listenlive.co
1 ping.chartbeat.net www.mtpr.org
1 npr-kufm.disqus.com www.mtpr.org
1 api.composer.nprstations.org www.mtpr.org
1 sdk.listenlive.co widgets.listenlive.co
1 static.chartbeat.com stream.publicbroadcasting.net
1 adservice.google.de www.googletagservices.com
1 mediad.publicbroadcasting.net www.mtpr.org
1 www.ypradio.org www.mtpr.org
1 www.googletagservices.com www.mtpr.org
1 t.co
109 30
Subject | Issuer | Validity | Valid
t.co | DigiCert SHA2 High Assurance Server CA | 2019-04-09 - 2020-04-01 | a year
digitalservices1.npr.org | Let's Encrypt Authority X3 | 2020-01-31 - 2020-04-30 | 3 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
digitalservices2.npr.org | Let's Encrypt Authority X3 | 2020-02-05 - 2020-05-05 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
mediad.publicbroadcasting.net | Let's Encrypt Authority X3 | 2020-02-18 - 2020-05-18 | 3 months
*.listenlive.co | Amazon | 2019-10-15 - 2020-11-15 | a year
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
stream.publicbroadcasting.net | Amazon | 2019-09-16 - 2020-10-16 | a year
*.chartbeat.com | Gandi Standard SSL CA 2 | 2019-04-10 - 2020-04-10 | a year
tpc.googlesyndication.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.composer.nprstations.org | Amazon | 2019-07-05 - 2020-08-05 | a year
*.disqus.com | DigiCert SHA2 Secure Server CA | 2018-03-28 - 2020-04-27 | 2 years
*.chartbeat.net | Thawte RSA CA 2018 | 2019-12-16 - 2020-12-30 | a year
misc-sni.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.live.streamtheworld.com | Go Daddy Secure Certificate Authority - G2 | 2018-03-11 - 2020-05-10 | 2 years
ssl565697.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-02-02 - 2020-08-10 | 6 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years
*.tritondigital.com | Go Daddy Secure Certificate Authority - G2 | 2019-03-11 - 2021-05-10 | 2 years

This page contains 8 frames:

Primary Page: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Frame ID: 09056CF2BB7FA077B682CD1EB043A963
Requests: 91 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Frame ID: 432555A972DF81807F36FD61782C6AA0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Frame ID: E2AC47F1836A9DEC05D5A344767C482C
Requests: 6 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=npr-kufm&t_i=node%2F95985&t_u=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&t_e=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack&t_d=%0A%20%20%20%20%20%20How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%20%20%20&t_t=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack&s_o=default
Frame ID: 6B215E1A2BB0FC7B70FEA9D69F511DD5
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: B73BD934B70F0E671DA5BBCB03A21A4E
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: BFE0EA418AB0C710E506F9D73DB46310
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Frame ID: 39AEE29DA2AA51BB092D0DCC5556F953
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: DEB1B883439C4B5AA0DEFB20526AE22F
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /googleapis\.com\/.+webfont/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

109 Requests
100 % HTTPS
57 % IPv6
22 Domains
30 Subdomains
29 IPs
5 Countries
2138 kB Transfer
4754 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/Pi2wAqOzDY?amp=1 Page URL
  2. https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM HTTP 302
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM&bounce=true

109 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Pi2wAqOzDY
t.co/
384 B
523 B
Document
General
Full URL
https://t.co/Pi2wAqOzDY?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/Pi2wAqOzDY?amp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Thu, 20 Feb 2020 13:15:47 GMT
expires
Thu, 20 Feb 2020 13:20:47 GMT
server
tsa_o
set-cookie
muc=0b751c14-6b83-4a4a-9dfa-35b4db0c6990; Max-Age=63072000; Expires=Sat, 19 Feb 2022 13:15:47 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c01fe2e743a40eaf3af46109908e036e
x-response-time
125
x-xss-protection
0
Primary Request how-havre-public-schools-handled-ransomware-attack
www.mtpr.org/post/
71 KB
23 KB
Document
General
Full URL
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Requested by
Host: t.co
URL: https://t.co/Pi2wAqOzDY?amp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
593d48419f074d631549215faf737e5839cda4eb8a3650295f6c2b9f232ea984
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=100

Request headers

Host
www.mtpr.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://t.co/Pi2wAqOzDY?amp=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
X-Drupal-Cache
MISS
Last-Modified
Thu, 20 Feb 2020 13:07:27 +0000
Strict-Transport-Security
max-age=100
Content-Security-Policy
upgrade-insecure-requests
Content-Language
en
Link
</node/95985>; rel="shortlink",</post/how-havre-public-schools-handled-ransomware-attack>; rel="canonical"
X-Generator
Drupal 7 (http://drupal.org)
X-NginX-Cache
HIT
X-NginX-Server
192.168.120.113
Content-Encoding
gzip
Cache-Control
public, max-age=120
Expires
Thu, 20 Feb 2020 13:17:47 GMT
Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Length
23277
Connection
keep-alive
Vary
Accept-Encoding
css_ifnnDUsNPluTX16KDjrAsdKUQa5DgPxt1lgQpPDV3ys.css
www.mtpr.org/sites/mtpr.org/files/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_ifnnDUsNPluTX16KDjrAsdKUQa5DgPxt1lgQpPDV3ys.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
89f9e70d4b0d3e5b935f5e8a0e3ac0b1d29441ae4380fc6dd65810a4f0d5df2b

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
1745
css_ZFlaYqkiQzTmlBPX4mQeT33IFQX3nR-zpGlyqFhtTNM.css
www.mtpr.org/sites/mtpr.org/files/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_ZFlaYqkiQzTmlBPX4mQeT33IFQX3nR-zpGlyqFhtTNM.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
64595a62a9224334e69413d7e2641e4f7dc81505f79d1fb3a46972a8586d4cd3

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
1895
css_PV0HBDBtTWS7oiEnFpozcEeThn_X5umpjVSdbNSQIRI.css
www.mtpr.org/sites/mtpr.org/files/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_PV0HBDBtTWS7oiEnFpozcEeThn_X5umpjVSdbNSQIRI.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
3d5d0704306d4d64bba22127169a33704793867fd7e6e9a98d549d6cd4902112

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
2620
css_0VAdg4CNLIPHiXPXMGB13nB-rBGa-dU_TzrpbHGW9d4.css
www.mtpr.org/sites/mtpr.org/files/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_0VAdg4CNLIPHiXPXMGB13nB-rBGa-dU_TzrpbHGW9d4.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
d1501d83808d2c83c78973d7306075de707eac119af9d53f4f3ae96c7196f5de

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
4915
css
fonts.googleapis.com/
5 KB
685 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
706b75818588a0bd491d735303e2ae3801445186ebec0b30fa217020f14e4e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 13:15:47 GMT
server
ESF
date
Thu, 20 Feb 2020 13:15:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Feb 2020 13:15:47 GMT
css_K9rfU1kSnL-Qz94Sb-KSRXuyfa7qITvmz4qFWLRIGEw.css
www.mtpr.org/sites/mtpr.org/files/css/
66 KB
13 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_K9rfU1kSnL-Qz94Sb-KSRXuyfa7qITvmz4qFWLRIGEw.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
2bdadf5359129cbf90cfde126fe292457bb27daeea213be6cf8a8558b448184c

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
13143
css_pd-qHrDvhMeSv7M6jrKS46WrRJQe_DwRoZi95-2nAc0.css
www.mtpr.org/sites/mtpr.org/files/css/
242 KB
43 KB
Stylesheet
General
Full URL
https://www.mtpr.org/sites/mtpr.org/files/css/css_pd-qHrDvhMeSv7M6jrKS46WrRJQe_DwRoZi95-2nAc0.css
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
a5dfaa1eb0ef84c792bfb33a8eb292e3a5ab44941efc3c11a198bde7eda701cd

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
43898
js_xSpMA4ArVcBKOZ43sPqNRk0gxQZdDVifw27pIUCzWU0.js
www.mtpr.org/sites/kufm/files/js/
108 KB
44 KB
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js_xSpMA4ArVcBKOZ43sPqNRk0gxQZdDVifw27pIUCzWU0.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
c52a4c03802b55c04a399e37b0fa8d464d20c5065d0d589fc36ee92140b3594d

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
45019
js_P9u0bgloveAIlc2kutVCUB_xMaRV3YHWhSVHD3IN5tM.js
www.mtpr.org/sites/kufm/files/js/
43 KB
15 KB
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js_P9u0bgloveAIlc2kutVCUB_xMaRV3YHWhSVHD3IN5tM.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
3fdbb46e0968bde00895cda4bad542501ff131a455dd81d68525470f720de6d3

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
15234
js_f_6-OzlFXjayKlsU5sJKLwjz7LFQvdIZDm-Mt6jKwyM.js
www.mtpr.org/sites/kufm/files/js/
2 KB
1016 B
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js_f_6-OzlFXjayKlsU5sJKLwjz7LFQvdIZDm-Mt6jKwyM.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
7ffebe3b39455e36b22a5b14e6c24a2f08f3ecb150bdd2190e6f8cb7a8cac323

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
MISS
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
X-NginX-Upstream
192.168.120.83:80
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
678
js__4npt0PuTlrK-GkTl821OR8Eb7aiGB9GvsSeu1tr7U4.js
www.mtpr.org/sites/kufm/files/js/
58 KB
18 KB
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js__4npt0PuTlrK-GkTl821OR8Eb7aiGB9GvsSeu1tr7U4.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
ff89e9b743ee4e5acaf8691397cdb5391f046fb6a2181f46bec49ebb5b6bed4e

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
17820
gpt.js
www.googletagservices.com/tag/js/
43 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5942fe1a6c99120ec11cb98230cd557a5bfe60e98466dd96824a036d80a78aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"433 / 115 of 1000 / last-modified: 1582149204"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14492
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:47 GMT
js_RUYB4OMUm_eNE6Pdz86qwDHYdVNFwB-moT_BsYB-eJc.js
www.mtpr.org/sites/kufm/files/js/
77 KB
28 KB
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js_RUYB4OMUm_eNE6Pdz86qwDHYdVNFwB-moT_BsYB-eJc.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
454601e0e3149bf78d13a3ddcfceaac031d8755345c01fa6a13fc1b1807e7897

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
MISS
Last-Modified
Thu, 21 Nov 2019 23:52:55 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
X-NginX-Upstream
192.168.120.82:80
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
28245
js_J4mhtldZ7_S7gVLJZX7b6-BHGpS6sT7WV_NjnBA4Ps0.js
www.mtpr.org/sites/kufm/files/js/
219 KB
62 KB
Script
General
Full URL
https://www.mtpr.org/sites/kufm/files/js/js_J4mhtldZ7_S7gVLJZX7b6-BHGpS6sT7WV_NjnBA4Ps0.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
2789a1b65759eff4bb8152c9657edbebe0471a94bab13ed657f3639c10383ecd

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
EXPIRED
Last-Modified
Thu, 14 Nov 2019 03:09:49 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
X-NginX-Upstream
192.168.120.83:80
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
63316
MTPR-Logo-1920-trans.png
www.mtpr.org/sites/kufm/files/201909/
84 KB
80 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/201909/MTPR-Logo-1920-trans.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
ab762a8164bd09e21cbab63decf914b0f2afb45bdfd9a686313d46b748a17806

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 26 Sep 2019 06:38:03 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
82137
havre_icon_1.jpg
www.ypradio.org/sites/kemc/files/styles/card_280/public/202002/
24 KB
24 KB
Image
General
Full URL
https://www.ypradio.org/sites/kemc/files/styles/card_280/public/202002/havre_icon_1.jpg
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::701f , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
117b84b31ca1a120d36618b77f4239b89e3a04c192766ca958c2f5e1fd110370

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
STALE
Last-Modified
Wed, 19 Feb 2020 23:12:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/jpeg
X-NginX-Upstream
192.168.120.117:80
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
23917
__utm.gif
www.google-analytics.com/
35 B
100 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmac=UA-5828686-4&utmdt=How+Havre+Public+Schools+Handled+A+Ransomware+Attack&utme=8(APIKey)9(MDA4NTE2MTUwMDEzMjEzNzg3MTJlZmNhYQ004)
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 19:54:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1358486
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
804708693.jpg
mediad.publicbroadcasting.net/p/shared/npr/styles/medium/nprshared/202002/
113 KB
113 KB
Image
General
Full URL
https://mediad.publicbroadcasting.net/p/shared/npr/styles/medium/nprshared/202002/804708693.jpg
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::1433 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
eecf63202ec9af7e2856967c01d87f0cadbf2270e0a69aca95b48e72691fc1f7

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
MISS
Last-Modified
Tue, 11 Feb 2020 03:11:44 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/jpeg
X-NginX-Upstream
127.0.0.1:81
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
X-NginX-Server
192.168.120.53
martha-hernandez-ana-suda-brook-swaney-aclu-montana.jpg
www.mtpr.org/sites/kufm/files/styles/medium/public/201902/
116 KB
105 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/medium/public/201902/martha-hernandez-ana-suda-brook-swaney-aclu-montana.jpg
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
4db50828eab967cfa2b4e8376094ee6826968d895e1d47fa9d2d63321b373047

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
MISS
Last-Modified
Thu, 03 Oct 2019 00:48:54 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/jpeg
X-NginX-Upstream
192.168.120.82:80
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
X-NginX-Server
192.168.120.113
npr-logo.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
631 B
930 B
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/npr-logo.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
7c487107cc52c987d67303bee682cd32b4ce571e80bad96c5fbb0bf193c0cb11

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:54:29 GMT
Server
nginx
ETag
"118e0dc0f-277-511aa67e92b40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
X-NginX-Server
192.168.120.113
Content-Length
631
umontana-logo.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
4 KB
4 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/umontana-logo.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
02901a8b1be74689a40f92f4c32befa37324f616aa48ce1f0db97ad19ca4ec1b

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
3809
hdr-link-pbs.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
3 KB
3 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/hdr-link-pbs.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
dde2a44eb44add33ea49ef7a68c9e2c23f38c0a2a56650db8346b2db1336f323

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
MISS
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
X-NginX-Upstream
192.168.120.81:80
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
3023
prx-logo.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
2 KB
2 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/prx-logo.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
eef238971b86517f4f0dbd9a7c62e882002b48f1a800d5619dabeb1591379624

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
2179
bbc-logo.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
4 KB
4 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/bbc-logo.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
0303ec34ed2138633efc563d39f375b7984b60454345ad2219a3bd5910680838

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
4014
pri-logo.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
2 KB
2 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/pri-logo.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
bf21460fbfda214cdd50c0ce17fc919aee34e749a1fb47f5c4cb16174df95f2f

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
1581
protect-my-pm.png
www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/
3 KB
3 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/styles/partner_footer_logo/public/201503/protect-my-pm.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
0d4d5ef783b7de3d6e0c4b4e24434724d81c1cd6efa3d45cd98a5d938c396476

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 19 Mar 2015 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
2753
tdwidgets.min.js
widgets.listenlive.co/1.0/
479 KB
156 KB
Script
General
Full URL
https://widgets.listenlive.co/1.0/tdwidgets.min.js?q2gs13
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3995aaedb9b81f3a88e9434e47fed10c26a3c62824a5384bb35282638f145b8

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:12:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 07:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124393/atime:1571124393/md5:b6a0f7f77eff03b0df0ee1d2c2378e1f/ctime:1571124394
age
925
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
FKOJVoZGAhurvwpaRkLDMVj4Cmzv3gcZDIycLjh-wzuUD_c4jdR4PQ==
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
pubads_impl_2020021802.js
securepubads.g.doubleclick.net/gpt/
167 KB
61 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
06c08e3ba81a0a899a551a554791954c7b40ff431de2c6a206e166617578903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 20 Feb 2020 13:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Feb 2020 20:41:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
62262
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:47 GMT
integrator.sync.js
adservice.google.de/adsid/
113 B
178 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.mtpr.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
ab55.js
stream.publicbroadcasting.net/analytics/
752 B
1 KB
Script
General
Full URL
https://stream.publicbroadcasting.net/analytics/ab55.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:9400:14:f30e:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7280dd2c579373f140f123b7b37be881aafee19d2c6595d8f68d51f489c7792e

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 05:20:32 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
last-modified
Tue, 18 Feb 2020 08:41:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"6646029a25b51c5c1bc8c96c812ad5f5"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400, s-maxage=600
accept-ranges
bytes
content-length
752
x-amz-cf-id
aDfIRM6jrKCX3IWXv4Y5ZVM2qO3UcGiNYP68m1TdxSyaeT9R5kFwZQ==
bg-header-mtpr_0.jpg
www.mtpr.org/sites/kufm/files/202002/
21 KB
16 KB
Image
General
Full URL
https://www.mtpr.org/sites/kufm/files/202002/bg-header-mtpr_0.jpg
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
8801f2d63012c81d6ea223820299ffd2c95810add31228f9315c53075fe7182b

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
EXPIRED
Last-Modified
Wed, 12 Feb 2020 01:31:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/jpeg
X-NginX-Upstream
192.168.120.82:80
Connection
keep-alive
X-NginX-Server
192.168.120.114
Content-Length
16128
playpause-sprite-r.png
www.mtpr.org/sites/all/modules/custom/pi_hull/jplayer/images/
4 KB
4 KB
Image
General
Full URL
https://www.mtpr.org/sites/all/modules/custom/pi_hull/jplayer/images/playpause-sprite-r.png
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
e6f86e48d4de9d01d76823f761936744688ab448d62e95f167d6c5f3e4ca4fd6

Request headers

Referer
https://www.mtpr.org/sites/mtpr.org/files/css/css_0VAdg4CNLIPHiXPXMGB13nB-rBGa-dU_TzrpbHGW9d4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 20 Feb 2020 13:15:48 GMT
Content-Encoding
gzip
X-NginX-Cache
HIT
Last-Modified
Thu, 09 Jan 2020 03:13:08 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
3764
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 02:02:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1422815
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Wed, 03 Feb 2021 02:02:12 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 14:44:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1636290
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Sun, 31 Jan 2021 14:44:17 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 19:34:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
1359650
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13732
x-xss-protection
0
expires
Wed, 03 Feb 2021 19:34:57 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 03:04:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:51 GMT
server
sffe
age
1419084
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14864
x-xss-protection
0
expires
Wed, 03 Feb 2021 03:04:23 GMT
responso.woff
www.mtpr.org/sites/all/themes/responso/css/icons/
6 KB
3 KB
Font
General
Full URL
https://www.mtpr.org/sites/all/themes/responso/css/icons/responso.woff?x51j85
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::6545 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
f39ff760eed61d0f6a4b94bf6af52bc908c11de8e44bb3f20da749bbd9e91c20

Request headers

Referer
https://www.mtpr.org/sites/mtpr.org/files/css/css_pd-qHrDvhMeSv7M6jrKS46WrRJQe_DwRoZi95-2nAc0.css
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 20 Feb 2020 13:15:47 GMT
Content-Encoding
gzip
X-NginX-Cache
EXPIRED
Last-Modified
Thu, 09 Jan 2020 03:13:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/font-woff
X-NginX-Upstream
192.168.120.82:80
Connection
keep-alive
X-NginX-Server
192.168.120.113
Content-Length
3026
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,700,700italic,900,italic,regular&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 13:39:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
1640158
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13912
x-xss-protection
0
expires
Sun, 31 Jan 2021 13:39:49 GMT
ga_ab55.js
stream.publicbroadcasting.net/analytics/
103 KB
12 KB
Script
General
Full URL
https://stream.publicbroadcasting.net/analytics/ga_ab55.js
Requested by
Host: stream.publicbroadcasting.net
URL: https://stream.publicbroadcasting.net/analytics/ab55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:9400:14:f30e:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52033e41dc6cfa1855384757eb7fe9decd9fbef47dbce836ef00f7f717acba57

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 05:20:32 GMT
content-encoding
gzip
last-modified
Tue, 18 Feb 2020 08:41:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400, s-maxage=600
x-amz-cf-id
uvSTXPbKQoXiCJCzsf-_RZXMjCg9mNIR_tamWWFPxCAYeFIhi2fpRw==
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
chartbeat_ab55.js
stream.publicbroadcasting.net/analytics/
9 KB
2 KB
Script
General
Full URL
https://stream.publicbroadcasting.net/analytics/chartbeat_ab55.js
Requested by
Host: stream.publicbroadcasting.net
URL: https://stream.publicbroadcasting.net/analytics/ab55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:9400:14:f30e:a5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b15f0f85599f179fae3653bacf5a284e12d9130a6065d9f19c13ee3651b85571

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 05:20:32 GMT
content-encoding
gzip
last-modified
Tue, 18 Feb 2020 08:41:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400, s-maxage=600
x-amz-cf-id
cm5ntDDwZgaeEuoSAnqX3oBiUp1_JDahfRjtklAiFy3phF2DkDnuCA==
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
chartbeat.js
static.chartbeat.com/js/
35 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: stream.publicbroadcasting.net
URL: https://stream.publicbroadcasting.net/analytics/chartbeat_ab55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:b200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 12:42:20 GMT
content-encoding
gzip
last-modified
Tue, 29 Oct 2019 02:24:02 GMT
server
nginx
age
2008
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
TqjeOADvRg2oSYWjX7sk5mxFXOCQZLqWXHRUBISiiDSbVodeKhGnqA==
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
expires
Thu, 20 Feb 2020 14:42:20 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: stream.publicbroadcasting.net
URL: https://stream.publicbroadcasting.net/analytics/ga_ab55.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5238
date
Thu, 20 Feb 2020 11:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 20 Feb 2020 13:48:30 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: stream.publicbroadcasting.net
URL: https://stream.publicbroadcasting.net/analytics/ga_ab55.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 01 Feb 2020 13:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640158
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jan 2021 13:39:50 GMT
translation.json
widgets.listenlive.co/1.0/locale/fr/
108 B
667 B
XHR
General
Full URL
https://widgets.listenlive.co/1.0/locale/fr/translation.json?_=1582204548868
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66fb86e518acc652b76b589d8c750f4a5161fe71a9718e68f61068907f93793

Request headers

accept
*/*
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 20 Feb 2020 12:27:39 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2890
x-cache
Hit from cloudfront
status
200
content-length
108
last-modified
Tue, 15 Oct 2019 07:28:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124348/atime:1571124348/md5:e9fa563b8d61bb1f96461ffa9f05d5d6/ctime:1571124394
etag
"e9fa563b8d61bb1f96461ffa9f05d5d6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4CSdEBZCTln0180Ra94zq8v98a1WK9lJqANXbdw5YJNjixYgBKTHgA==
translation.json
widgets.listenlive.co/1.0/locale/en/
9 B
557 B
XHR
General
Full URL
https://widgets.listenlive.co/1.0/locale/en/translation.json?_=1582204548869
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0071a81f757af8ce22343643a56b045ae7d1b7f26d617129e4e0251e8b6ca93

Request headers

accept
*/*
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 20 Feb 2020 11:20:58 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
status
200
content-length
9
last-modified
Tue, 15 Oct 2019 07:28:33 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124348/atime:1571124348/md5:0b1e24aab9885c92a5b097dd32ac03e9/ctime:1571124394
etag
"0b1e24aab9885c92a5b097dd32ac03e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-amz-cf-id
bkCuzmORYUqJDFd9vTIMLD9mlWpW7siGUwyya0h5zOxy75ol0AQwhQ==
td-sdk.min.js
sdk.listenlive.co/web/2.9/
615 KB
175 KB
Script
General
Full URL
https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Requested by
Host: widgets.listenlive.co
URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js?q2gs13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:9200:7:5253:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93b0ea8df9d6fd456352d04f222fb7be1020d1d310dc6f92925fa4e4181b2d1b

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 12:21:52 GMT
content-encoding
gzip
last-modified
Wed, 31 Jul 2019 05:22:41 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1563275146/atime:1563275193/md5:91e8f20a12709193eb7a6a89a717b542/ctime:1563275146
age
4948
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
qe5i4do5XVsLTmgh9OOylrZRSmFbHqJ7zLRySzG-XWXvfBQfLQQobQ==
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
ads
securepubads.g.doubleclick.net/gampad/
33 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833422805076148&correlator=2595982985138104&output=ldjh&impl=fifs&adsid=NT&eid=21065570%2C21064365%2C21064522%2C21065304%2C21065305&vrg=2020021802&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=76744421%2CMTPR_leaderboard_1%2CMTPR_player_display%2CMTPR_medium_1%2CMTPR_medium_2%2CMTPR_medium_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C970x50%7C728x90%2C970x90%7C970x50%7C728x90%2C300x250%2C300x250%2C300x250&cust_params=id%3D95985%26type%3Dpost%26tags%3DHavre%2520Public%2520Schools%252CHavre%2520Montana%252CPaul%2520Dragu%26category%3D%26programs%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1582204047&dt=1582204548926&dlt=1582204547458&idt=160&frm=20&biw=1585&bih=1200&oid=3&adxs=273%2C288%2C997%2C997%2C997&adys=187%2C322%2C515%2C785%2C1055&adks=2815480537%2C2040502632%2C524905867%2C3480896281%2C3514467726&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&ref=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&dssz=23&icsg=16755648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1040x4033%7C1040x130%7C663x2981%7C663x2831%7C663x2831&msz=1040x90%7C1010x90%7C300x250%7C300x250%7C300x250&ga_vid=935074076.1582204549&ga_sid=1582204549&ga_hid=769635754&fws=0%2C4%2C4%2C4%2C4&ohw=0%2C1585%2C1040%2C1040%2C1040
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
3c57841051e63284d27e2083519506747e1225f0316c9649b5266eab08934ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5932
x-xss-protection
0
google-lineitem-id
-2,-2,-2,5158011514,172839181
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,138285556008,66403580581
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtpr.org
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020021802.js
securepubads.g.doubleclick.net/gpt/
66 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
1a36f0a6f239c7826ac18991fae20560138d016bbd336c5e5156b9ef15ebf523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Feb 2020 20:41:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24891
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:48 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

now
api.composer.nprstations.org/v1/widget/5182a6b1e1c8386dfc2a9880/
2 KB
1 KB
XHR
General
Full URL
https://api.composer.nprstations.org/v1/widget/5182a6b1e1c8386dfc2a9880/now?format=json&_=1582204548953
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.184.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-184-41.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b0c958a4d7a211052fbcc43397c72e85ecd17d5a208e67600670595695c8faf5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
Express
vary
Accept-Encoding, X-HTTP-Method-Override, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, api_key
embed.js
npr-kufm.disqus.com/
66 KB
22 KB
Script
General
Full URL
https://npr-kufm.disqus.com/embed.js?_=1582204548986
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/sites/kufm/files/js/js_xSpMA4ArVcBKOZ43sPqNRk0gxQZdDVifw27pIUCzWU0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f5a18422b1ca258dcffe0a33ac4d3b4a7fa5b668958a5a15ddfe2526634159c0
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:49 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
22224
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
950 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 12:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1021
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:58:48 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
829 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 12:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2085
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
738
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:41:04 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=mtpr.org&p=%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&u=CKmdJ7CtrgIUB5l2NO&d=mtpr.org&g=33583&g0=none&g1=Jess%20Sheldahl&n=1&f=00001&c=0&x=0&m=0&y=4202&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&b=1786&t=CX1D2GDA_iq1Cx1bsFChvForCqfmSd&V=118&i=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&tz=-60&sn=1&sv=DyX9CXDvzL2xBIhE8kxxoYGCl5usU&sr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&sd=1&im=067b0ff0&_
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.95.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-95-63.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
pragma
no-cache
date
Thu, 20 Feb 2020 13:15:49 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3833422805076148&r=300x250&w=300&h=250
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 13:15:49 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012002112037430/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3186a55bc67271424c17f202a5797f96d54a851d12249ff7ec152854e4017eb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
742
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7145
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:03:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5c826442ea1b9f7a"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:03:27 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012002112037430/ Frame 4325
201 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83693e5de36f9cc42f540d09a10978348d85c6e7074a8ba9803e2646df7d95a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
341
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55865
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"726cd723e48be406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:10:08 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012002112037430/v0/ Frame 4325
91 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
742
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27980
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:03:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1fae760e2b8d4fc0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:03:27 GMT
truncated
/ Frame 4325
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319920aad573791c00e1bf25b4ad4ea0f16bfaede3d6a4fc3017cf5b2d7643a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012002112037430/ Frame E2AC
201 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83693e5de36f9cc42f540d09a10978348d85c6e7074a8ba9803e2646df7d95a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
341
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55865
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"726cd723e48be406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:10:08 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012002112037430/v0/ Frame E2AC
91 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
742
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27980
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:03:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1fae760e2b8d4fc0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:03:27 GMT
truncated
/ Frame E2AC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e65df7ade72ae0a5023b3c51218fbb329205f4103a9f029c011f8b1d2cf1a268

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
15525947381827077922
tpc.googlesyndication.com/simgad/ Frame 4325
59 KB
59 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15525947381827077922
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5977ed7b8a60087bc2a20c968a589519a862f5d2129dfb35ff367220a96e471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 00:45:28 GMT
x-content-type-options
nosniff
age
649821
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60561
x-xss-protection
0
last-modified
Tue, 27 Aug 2019 19:49:15 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Feb 2021 00:45:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4325
0
289 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0rKCYaRtQz5NXpjyGEVt4D17lL2-AjvaorLLaQT_25Zx-Wrjb2usoDg3p-jetSdgJyh3N3srLORY7OGHT-csNMAx7LyK8qU5JQkuttYHJImpQqrkTpHnvKoeSPMK-pq3krT8XP1CPCVMBlgXiuGikRGSS0IOOQ5qelqnSbZIoq_Rofo99J_K0pnUwLDztto-cjE0cJycZImYm3l7xu9f8yxqiBf6jnc4wsagEBVgcfuqE9UI79KHtbqX1RObLO2eVsfU&sai=AMfl-YS7i3Pi438NR2WuN0DktlfnCqqIkf_neBpQZxbctXDYmvmOp1xxBdSmMK3BScGKx9BSis0OAAzWcMtRoKggrGE1wRWXXlDV16un3gVw&sig=Cg0ArKJSzO8P7OXXSy3IEAE&adurl=
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:49 GMT
5833418960471934591
tpc.googlesyndication.com/simgad/ Frame E2AC
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5833418960471934591
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ae51dbd4ab5de1f65ce163b9f7100976c960a797c52423fadb7d65495ce112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 06 Feb 2020 10:16:40 GMT
x-content-type-options
nosniff
age
1220349
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Sat, 23 Jun 2018 00:42:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Feb 2021 10:16:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2AC
0
332 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPAq7m0TzHaKTqoq9K0q49SH58f60GNbz519TCfmw5MoUgHHossCgJ4eZRC8nSvGvdgzHfcUH4o6dWuQ-mMUVmF_blh0Z927p4uOIK57yQ3I7GP1708IHSQOTiXEphSGaVnu-TUqJUw3XwVqrKj7In5GZ5ESKWqGgjFea5L7pfxKF6PwLhBT4C_4pdkxssb-MA4KRqKfRb48gQlZQmbjyg66Sw12hS-yzNNoS9WfiwPWQgc-tvHcukioNds1ATB0j9IA&sai=AMfl-YQ_pEEYiJbZUoyTfoWP0-Ke8eoCEI2E4310y6625GkGVk6cYMXcIne60QayuD0qUykQiJ8U1Y_2yeigkeJxiu-11mxQ4oyFEFZs_4Y-&sig=Cg0ArKJSzEKPQ705pidxEAE&adurl=
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:49 GMT
translation.json
widgets.listenlive.co/1.0/locale/en/
9 B
564 B
XHR
General
Full URL
https://widgets.listenlive.co/1.0/locale/en/translation.json?_=1582204549116
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0071a81f757af8ce22343643a56b045ae7d1b7f26d617129e4e0251e8b6ca93

Request headers

accept
*/*
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 20 Feb 2020 12:27:39 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2890
x-cache
Hit from cloudfront
status
200
content-length
9
last-modified
Tue, 15 Oct 2019 07:28:33 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124348/atime:1571124348/md5:0b1e24aab9885c92a5b097dd32ac03e9/ctime:1571124394
etag
"0b1e24aab9885c92a5b097dd32ac03e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
AZhfb29_l-x7KzL8tDeu_R4kqLSqWubmKzoUWNt0YXHl-eWbg66wEg==
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=1453557265&gjid=688890491&cid=935074076.1582204549&tid=UA-18188937-11&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=257815699
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-18188937-11&cid=935074076.1582204549&jid=1453557265&gjid=688890491&_gid=380110397.1582204549&_u=aCjAgEIzB~&z=1054888066
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 20 Feb 2020 13:15:49 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=1960410310&gjid=1979267455&cid=935074076.1582204549&tid=UA-1741309-77&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=1347538240
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-1741309-77&cid=935074076.1582204549&jid=1960410310&gjid=1979267455&_gid=380110397.1582204549&_u=aCjAgEIzB~&z=1693932235
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 20 Feb 2020 13:15:49 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=243811647&gjid=981287328&cid=935074076.1582204549&tid=UA-28319001-102&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=1468957850
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-28319001-102&cid=935074076.1582204549&jid=243811647&gjid=981287328&_gid=380110397.1582204549&_u=aCjAgEIzB~&z=112273764
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 20 Feb 2020 13:15:49 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=2&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&dp=%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=&gjid=&cid=935074076.1582204549&tid=UA-18188937-11&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=454613147
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=2&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&dp=%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=&gjid=&cid=935074076.1582204549&tid=UA-1741309-77&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=1153519037
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=769635754&t=pageview&_s=2&dl=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&dr=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&dp=%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&ul=en-us&de=UTF-8&dt=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%7C%20MTPR&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIzB~&jid=&gjid=&cid=935074076.1582204549&tid=UA-28319001-102&_gid=380110397.1582204549&cd6=MTPR&cd17=2020-02-19&cd15=1&cd16=none&cd10=none&cd8=95985&cd18=962&cd19=807557072&cd12=Havre%20Public%20Schools%2C%20Havre%20Montana%2C%20Paul%20Dragu&cd13=71&cd11=Jess%20Sheldahl&cd7=Story&cg5=Story&z=1735020567
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:36:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1852777
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
935 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d96145d426b877554dc0d813e13917d084fb24d681d5b09fe3adf8c3973de11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
15525947381827077922
tpc.googlesyndication.com/simgad/ Frame 4325
59 KB
59 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15525947381827077922
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5977ed7b8a60087bc2a20c968a589519a862f5d2129dfb35ff367220a96e471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 00:45:28 GMT
x-content-type-options
nosniff
age
649821
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60561
x-xss-protection
0
last-modified
Tue, 27 Aug 2019 19:49:15 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Feb 2021 00:45:28 GMT
5833418960471934591
tpc.googlesyndication.com/simgad/ Frame E2AC
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5833418960471934591
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ae51dbd4ab5de1f65ce163b9f7100976c960a797c52423fadb7d65495ce112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 06 Feb 2020 10:16:40 GMT
x-content-type-options
nosniff
age
1220349
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Sat, 23 Jun 2018 00:42:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Feb 2021 10:16:40 GMT
idsync.js
playerservices.live.streamtheworld.com/api/
Redirect Chain
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM&bounce=true
906 B
1 KB
Script
General
Full URL
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM&bounce=true
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.92.53.141 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
cf0e43fabf604d14ee9d20d4cd23a592bf78f127b105db00441fc0342cce52a9

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 Feb 2020 13:15:49 GMT
Connection
close
P3P
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Language
en-US
Content-Type
application/javascript; charset=ISO-8859-1

Redirect headers

Access-Control-Allow-Origin
*
Date
Thu, 20 Feb 2020 13:15:49 GMT
Connection
close
P3P
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM&bounce=true
Content-Language
en-US
Content-Type
application/javascript; charset=ISO-8859-1
ima3.js
imasdk.googleapis.com/js/sdkloader/
268 KB
91 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: sdk.listenlive.co
URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c7ad529b5c6eb3d69125c84f573deed9198400d84bd2e0fafaff0a2e68469f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92989
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:49 GMT
player.min.js
widgets.listenlive.co/1.0/
89 KB
21 KB
Script
General
Full URL
https://widgets.listenlive.co/1.0/player.min.js
Requested by
Host: widgets.listenlive.co
URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js?q2gs13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c458c2ebf960771fe59a73ce6f650b24809276037468a06fe24d18d6435012e

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:09:15 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 07:28:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124393/atime:1571124393/md5:633d5021ef6c506f8e78b5d511b19c6f/ctime:1571124394
age
395
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
STR6S-EZAQ7pqhxSC82qhhHnKcLhaLTATdnjjqp0YpQYuIaz0ELa8Q==
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
5 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: widgets.listenlive.co
URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js?q2gs13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 01 Feb 2020 00:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1689054
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jan 2021 00:04:55 GMT
truncated
/
935 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b07e0172131fb5a60576a6aea3b564fdbf6d9a4703cde7d8c3e36dc562d3e425

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
af7ae505a9eed503f8b8e6982036873e.woff2
widgets.listenlive.co/1.0/res/fonts/
75 KB
76 KB
Font
General
Full URL
https://widgets.listenlive.co/1.0/res/fonts/af7ae505a9eed503f8b8e6982036873e.woff2
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 12:27:46 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
age
2884
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
77160
last-modified
Tue, 15 Oct 2019 07:28:37 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1571124393/atime:1571124393/md5:af7ae505a9eed503f8b8e6982036873e/ctime:1571124394
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
RfC5YW7ixkLPo2L1dV0nL3kS3y7Wi-0SXEwVYbQb4yXkBB4oCSPCvw==
css
fonts.googleapis.com/
5 KB
780 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 13:15:49 GMT
server
ESF
date
Thu, 20 Feb 2020 13:15:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Feb 2020 13:15:49 GMT
lounge.15d8f2a22cfa6b9f96345c682b01a08f.css
c.disquscdn.com/next/embed/styles/
0
21 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.15d8f2a22cfa6b9f96345c682b01a08f.css
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2985836
cf-ray
5680c062bb7c0eaf-FRA
status
200
vary
Accept-Encoding
content-length
21564
x-xss-protection
1; mode=block
last-modified
Thu, 16 Jan 2020 23:42:40 GMT
server
cloudflare
etag
"5e20f4f0-543c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Jan 2021 23:51:50 GMT
common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js
c.disquscdn.com/next/embed/
0
89 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1121630
cf-ray
5680c062bb7f0eaf-FRA
status
200
vary
Accept-Encoding
content-length
90471
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 01:14:10 GMT
server
cloudflare
etag
"5e38c562-16167"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Feb 2021 22:39:15 GMT
lounge.bundle.3c28b73070ee14be97ecb734e8aca3b4.js
c.disquscdn.com/next/embed/
0
108 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.3c28b73070ee14be97ecb734e8aca3b4.js
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
140798
cf-ray
5680c062cb810eaf-FRA
status
200
vary
Accept-Encoding
content-length
110517
x-xss-protection
1; mode=block
last-modified
Wed, 12 Feb 2020 00:23:26 GMT
server
cloudflare
etag
"5e43457e-1afb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Feb 2021 22:09:10 GMT
config.js
disqus.com/next/
0
6 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Timing-Allow-Origin
*
Date
Thu, 20 Feb 2020 13:15:49 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
30
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
5443
X-XSS-Protection
1; mode=block
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 00:22:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1688002
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 31 Jan 2021 00:22:27 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin
Origin
https://www.mtpr.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 20:18:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1357029
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 03 Feb 2021 20:18:40 GMT
/
disqus.com/embed/comments/ Frame 6B21
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=npr-kufm&t_i=node%2F95985&t_u=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&t_e=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack&t_d=%0A%20%20%20%20%20%20How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack%20%20%20%20&t_t=How%20Havre%20Public%20Schools%20Handled%20A%20Ransomware%20Attack&s_o=default
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Thu, 20 Feb 2020 01:06:14 GMT
ETag
W/"lounge:view:7879213088.cf8f8daeefeced0dcbe7ad3c0d176796.2"
Content-Encoding
gzip
Content-Length
2647
Date
Thu, 20 Feb 2020 13:15:49 GMT
Age
0
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
idsync.js
yield-op-idsync.live.streamtheworld.com/
550 B
833 B
Script
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/idsync.js?stn=KUFMFM
Requested by
Host: playerservices.live.streamtheworld.com
URL: https://playerservices.live.streamtheworld.com/api/idsync.js?station=KUFMFM&bounce=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.92.53.144 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
8418fb917337a02c51f371c1805439b8bd2c536e1dc1eef2143fa1bab4be6576

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 20 Feb 2020 13:15:50 GMT
Content-Type
application/javascript; charset=UTF-8
Content-Length
550
P3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame B73B
337 B
348 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 20 Feb 2020 13:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1141073
cf-ray
5680c0657ab60eaf-FRA
status
200
vary
Accept-Encoding
content-length
244
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 01:14:10 GMT
server
cloudflare
etag
"5e38c562-f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 13:19:18 GMT
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame BFE0
337 B
338 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: npr-kufm.disqus.com
URL: https://npr-kufm.disqus.com/embed.js?_=1582204548986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 20 Feb 2020 13:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1141074
cf-ray
5680c0657acb0eaf-FRA
status
200
vary
Accept-Encoding
content-length
244
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 01:14:10 GMT
server
cloudflare
etag
"5e38c562-f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 13:19:18 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833422805076148&correlator=1831897128858636&output=ldjh&impl=fifs&adsid=NT&eid=21065570%2C21064365%2C21064522%2C21065304%2C21065305&vrg=2020021802&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=76744421%2CMTPR_leaderboard_1%2CMTPR_player_display%2CMTPR_medium_1%2CMTPR_medium_2%2CMTPR_medium_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C970x50%7C728x90%2C970x90%7C970x50%7C728x90%2C300x250%2C300x250%2C300x250&rcs=1%2C1%2C1%2C1%2C1&prevtoss=0_0_0_0_0&eri=1&cust_params=id%3D95985%26type%3Dpost%26tags%3DHavre%2520Public%2520Schools%252CHavre%2520Montana%252CPaul%2520Dragu%26category%3D%26programs%3D&cookie=ID%3D0ca7eddcf25c6f9f%3AT%3D1582204548%3AS%3DALNI_MZCEVur_eydNjSZXxud4h4vNjrDfw&cookie_enabled=1&bc=31&abxe=1&lmt=1582204047&dt=1582204550012&dlt=1582204547458&idt=160&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933%2C997%2C997&adys=-12245933%2C-12245933%2C-12245933%2C543%2C813&adks=2815480537%2C2040502632%2C524905867%2C3480896281%2C3514467726&ucis=6%7C7%7C8%7C9%7Ca&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mtpr.org%2Fpost%2Fhow-havre-public-schools-handled-ransomware-attack&ref=https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1&dssz=32&icsg=2200095617024&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1040x4033%7C1040x130%7C663x2981%7C663x2831%7C663x2831&msz=1040x90%7C1010x90%7C300x250%7C300x250%7C300x250&ga_vid=935074076.1582204549&ga_sid=1582204549&ga_hid=769635754&fws=128%2C132%2C132%2C4%2C4&ohw=0%2C1585%2C1040%2C1040%2C1040
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
431460c93e327bb1e395e9905514fbf010ba30ece20b74c775a03073804fd9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 13:15:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4459
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,172839181
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,66403580581
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtpr.org
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1167.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:50 GMT
content-encoding
gzip
x-amz-request-id
9F168BA697B778D0
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by
cache-hhn4022-HHN
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1582204550.103464,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
28457
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020021802&st=env
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d501ae4b85a4c438dfefe39cc7efb82b8c0b78447200c2e3b7aa56cb39c63e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Feb 2020 13:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5211
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 13:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580338855439378"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8104
x-xss-protection
0
expires
Thu, 20 Feb 2020 13:15:50 GMT
15ba4da3e8
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/15ba4da3e8?a=1108724&v=1167.2a4546b&to=NlMBMhAECEZRAU1eDg8ZIgUWDAlbHwxWUwQ%2BRgIBBzoQXFUV&rst=2852&ref=https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack&ap=701&be=210&fe=2804&dc=1623&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1582204547259,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:19,%22c%22:19,%22s%22:24,%22ce%22:33,%22rq%22:33,%22rp%22:196,%22rpe%22:201,%22dl%22:199,%22di%22:1623,%22ds%22:1623,%22de%22:1732,%22dc%22:2805,%22l%22:2805,%22le%22:2812%7D,%22navigation%22:%7B%7D%7D&fp=511&fcp=511&at=GhQCRFgeG0g%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012002112037430/ Frame 39AE
201 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83693e5de36f9cc42f540d09a10978348d85c6e7074a8ba9803e2646df7d95a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55865
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"726cd723e48be406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:10:08 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012002112037430/v0/ Frame 39AE
91 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012002112037430/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
743
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27980
x-xss-protection
0
server
sffe
date
Thu, 20 Feb 2020 13:03:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1fae760e2b8d4fc0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:03:27 GMT
5833418960471934591
tpc.googlesyndication.com/simgad/ Frame 39AE
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5833418960471934591
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ae51dbd4ab5de1f65ce163b9f7100976c960a797c52423fadb7d65495ce112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 06 Feb 2020 10:16:40 GMT
x-content-type-options
nosniff
age
1220350
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Sat, 23 Jun 2018 00:42:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Feb 2021 10:16:40 GMT
truncated
/ Frame 39AE
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f188110c61ecfded9fba4d6fb323fb879b09eca410b1a82588ee07b6302f5693

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 39AE
0
57 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaFssYJeYteGW8E4c9SwGyhV4STayUQG9xq-yvomjG8yIeQRGAvUmvWoQlZPDe4GNHtgbSKlcS1xZDbpZeCi2wTydBH90fMXHqvl4hVYI80iln6yHd6xn45hh14lCbABpu7nYOCVi-cOd132CGhptm0Zj6ggoom2PW_FCF1PLIIVLKJKL0YUpCfzoA_mBkbdGmQmg-TGqLFahfrtZw4jLdnbcfv_Et4tQZurOXoPVQ7P-Oz4QGU4KxDIxPKZum-D6Huw&sig=Cg0ArKJSzNfQJN39KSKaEAE&adurl=
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 13:15:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame DEB1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/206/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-length
11190
date
Thu, 20 Feb 2020 13:04:28 GMT
expires
Fri, 19 Feb 2021 13:04:28 GMT
last-modified
Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
682
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
5833418960471934591
tpc.googlesyndication.com/simgad/ Frame 39AE
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5833418960471934591
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ae51dbd4ab5de1f65ce163b9f7100976c960a797c52423fadb7d65495ce112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 06 Feb 2020 10:16:40 GMT
x-content-type-options
nosniff
age
1220350
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Sat, 23 Jun 2018 00:42:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Feb 2021 10:16:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020021802&jk=3833422805076148&bg=!9_Sl9OxYapGO3Lf4AY8CAAAAN1IAAAAKmQFYhe04QU5fnkWW_AzoiFBPdbP8iM5lyom7E7yiioM_44oLL9zPlAXM1T8EuMoQ6Q64zdDCMYc6MGBwhrpfcR4uSvNybTvfJMHBXZKofHPb5Z2aC0se9ge4_JVfe2WyAqYd1F4FsKVu23_EWzwOUGvDlV2ZsqCtJnb8v9Bs1V1by9VZ6vzfZwo6lq775OmhmERHp57QEq5R8HAbMyuJclh3fQXUUSc3uHCXhrTinO6dU7gyT3jMBXlBr_OIZ_MeOqSN-vyblev6gKpcMtRtLPikzLqjMYRH7DbRNmfSONetHh4fe6tmqQNZGeyVQezi391UMmdtieoeR_Ut2hHITE1Ll8aVAuSaTf9-tsOgMgj4yvUWB9jlp3eOfL75EopQ_n02fW9YjZOPVykHA3oWsjPDYZI2Ew2jR6SM9xjv8VzCLwgmKpzacbYRWeblExYUOGafgkwzvrtsvso
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 13:15:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 39AE
42 B
115 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNUh3XyckGMsSD3bt5usd5KgQdOPxKpi0QrW7JasLI74U0M2Eqs29lD_jsq0MxRc8gaZMObyieW3ksb6k4bxqKiyvGR8Q0Lpkg8HOK0xo&sig=Cg0ArKJSzM03eo9q7ZToEAE&id=ampim&o=997,543&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=83&tls=1083&g=100&h=100&tt=1083&r=v&adk=3514467726&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 13:15:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nowplaying
np.tritondigital.com/public/
83 B
343 B
XHR
General
Full URL
https://np.tritondigital.com/public/nowplaying?mountName=KUFMFM&numberToFetch=1&eventType=track&request.preventCache=1582204551529
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.92.55.26 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
ash-db-sl01.streamtheworld.net
Software
nginx /
Resource Hash
a0344a7e62eabccf31019f913c9e2449afeebf0404e41084ec95b950db1a0bad

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

Date
Thu, 20 Feb 2020 13:15:51 GMT
Server
nginx
X-Cache-Status
HIT
Transfer-Encoding
chunked
Content-Type
text/xml;charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
CACHE_CONTROL
max-age=10, public
15ba4da3e8
bam.nr-data.net/events/1/
24 B
179 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/15ba4da3e8?a=1108724&v=1167.2a4546b&to=NlMBMhAECEZRAU1eDg8ZIgUWDAlbHwxWUwQ%2BRgIBBzoQXFUV&rst=12851&ref=https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Requested by
Host: www.mtpr.org
URL: https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
Origin
https://www.mtpr.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mtpr.org
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif


143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| Drupal undefined| $ function| jQuery object| Foundation function| htmlspecialchars_decode function| removeFilter object| pi_featured object| pi_program_promo object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync number| google_srt undefined| google_measure_js_timing function| linkIsInternal function| ajaxLink function| ajaxBefore function| updateMetaData function| updateTitle function| updateCss function| updatePager function| ajaxAfter function| AddNamespace function| FastClick object| NProgress boolean| onInitialPage function| updateForm object| NPR object| html5 object| Modernizr function| yepnope object| enquire object| SelectorPool function| substringMatcher object| selectors function| Selector_Cache string| disqus_shortname string| disqus_url string| disqus_title string| disqus_identifier number| disqus_developer string| disqus_def_name string| disqus_def_email function| disqus_config function| Datepair function| SearchIndex function| Bloodhound function| dinamicallyLoadGaChartbeatScripts number| _sf_startpt object| metas object| meta string| meta_name string| meta_value object| _sf_async_config number| _sf_endpt object| sas_unit_testing string| GoogleAnalyticsObject function| ga boolean| match object| metadata object| doms number| j string| page_type string| jqPath object| cpTags function| tritonWidgetsJsonp function| setImmediate function| clearImmediate function| wNumb object| GROUP_COLORS object| OVERFLOW_SYMBOLS object| __core-js_shared__ object| core object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill string| w_version object| jQuery18205579687832339857 string| solution number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| appReady function| 
onStreamStart function| onStreamStopped object| google_tag_data object| gaplugins object| gaData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_image_requests object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages function| _ function| TdPlatform function| TdCompanions object| platform function| TDSdk object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| scriptTag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| WebFontConfig object| WebFont object| DISQUS object| tdIdsync object| tritonIdSync string| domainNames object| s object| GoogleGcLKhOms number| count object| cur

13 Cookies

Domain/Path Name / Value
www.mtpr.org/ Name: sdk_cid
Value: 6af01e8b-f7a7-4abb-ba25-54b4ab8e85a8
.mtpr.org/ Name: _gat_site2
Value: 1
.mtpr.org/ Name: _gat_station1
Value: 1
www.mtpr.org/ Name: _cb
Value: CKmdJ7CtrgIUB5l2NO
www.mtpr.org/ Name: i18next
Value: en
www.mtpr.org/ Name: _cb_svref
Value: https%3A%2F%2Ft.co%2FPi2wAqOzDY%3Famp%3D1
www.mtpr.org/ Name: _chartbeat2
Value: .1582204549036.1582204549036.1.DyX9CXDvzL2xBIhE8kxxoYGCl5usU.1
www.mtpr.org/ Name: _cb_ls
Value: 1
.mtpr.org/ Name: _gid
Value: GA1.2.380110397.1582204549
.mtpr.org/ Name: _ga
Value: GA1.2.935074076.1582204549
.mtpr.org/ Name: _gat_npr
Value: 1
.mtpr.org/ Name: __gads
Value: ID=0ca7eddcf25c6f9f:T=1582204548:S=ALNI_MZCEVur_eydNjSZXxud4h4vNjrDfw
www.mtpr.org/ Name: has_js
Value: 1

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js(Line 409)
Message:
Powered by AMP ⚡ HTML – Version 2002112037430 https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
console-api info URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js(Line 409)
Message:
Powered by AMP ⚡ HTML – Version 2002112037430 https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack
console-api info URL: https://cdn.ampproject.org/rtv/012002112037430/amp4ads-v0.js(Line 409)
Message:
Powered by AMP ⚡ HTML – Version 2002112037430 https://www.mtpr.org/post/how-havre-public-schools-handled-ransomware-attack

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
