setecinvestigations.harvestapp.com Open in urlscan Pro
2001:1838:2001:e::189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg
Effective URL:
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Submission: On December 22 via manual (December 22nd 2020, 4:26:46 pm UTC) from US

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2001:1838:2001:e::189, located in United States and belongs to SERVERCENTRAL, US. The main domain is setecinvestigations.harvestapp.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 14th 2020. Valid for: 2 years.

This is the only time setecinvestigations.harvestapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.113 205.139.111.113	30031 (MIMECAST-) (MIMECAST-)
7	2001:1838:200... 2001:1838:2001:e::189	23352 (SERVERCEN...) (SERVERCENTRAL)
4	13.227.209.20 13.227.209.20	16509 (AMAZON-02) (AMAZON-02)
1	2001:1838:200... 2001:1838:2001:e::222	23352 (SERVERCEN...) (SERVERCENTRAL)
3	65.9.68.2 65.9.68.2	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
25	13

2 205.139.111.113 (United States) 2 redirects

ASN30031 (MIMECAST-, US)

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:1838:2001:e::189 (United States)

ASN23352 (SERVERCENTRAL, US)

setecinvestigations.harvestapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cache.harvestapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.227.209.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-209-20.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1838:2001:e::222 (United States)

ASN23352 (SERVERCENTRAL, US)

proxy.harvestfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.68.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	harvestapp.com setecinvestigations.harvestapp.com cache.harvestapp.com	276 KB
4	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
4	stripe.com js.stripe.com	50 KB
3	plaid.com cdn.plaid.com	52 KB
2	google.de www.google.de	590 B
2	google.com 1 redirects www.google.com	282 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net	278 B
2	bugsnag.com sessions.bugsnag.com	97 B
2	mimecast.com 2 redirects protect-us.mimecast.com	1 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	harvestfiles.com proxy.harvestfiles.com	13 KB
25	11

	Domain	Requested by
6	cache.harvestapp.com	setecinvestigations.harvestapp.com
4	js.stripe.com	setecinvestigations.harvestapp.com js.stripe.com
3	cdn.plaid.com	setecinvestigations.harvestapp.com cdn.plaid.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.de	setecinvestigations.harvestapp.com
2	www.google.com	1 redirects
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	ssl.google-analytics.com	1 redirects setecinvestigations.harvestapp.com
2	sessions.bugsnag.com	cache.harvestapp.com
2	protect-us.mimecast.com	2 redirects
1	www.googletagmanager.com	setecinvestigations.harvestapp.com
1	proxy.harvestfiles.com	setecinvestigations.harvestapp.com
1	setecinvestigations.harvestapp.com
25	13

This site contains links to these domains. Also see Links.

Domain
www.getharvest.com

Subject Issuer	Validity	Valid
*.harvestapp.com GeoTrust RSA CA 2018	`2020-02-14` - `2022-03-04`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Frame ID: 6140AE53CFBEFA9B954477CDD5BCE540
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f76d996af1d213bf0ec2b9516034ce65.html
Frame ID: 10CE3452D97AB52534FE975C52D4D0B3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
Frame ID: 298F131EE5416715CBA9F8AD17626E19
Requests: 1 HTTP requests in this frame

Frame: https://cdn.plaid.com/link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
Frame ID: 1A95BCADE09EEB83E5C9AC859F3C8C40
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Frame ID: 41A3EEDFA87A7A5702828C3B623B7783
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg HTTP 307
https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwv... HTTP 307
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

25
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

477 kB
Transfer

1254 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.getharvest.com/
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg HTTP 307
https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwvBSPLTk_Ssn8TJPpA5aStoHCyMDS28OC0hktaQMWmtJHM6Jg4k6D4EbYDM2Yzm6YwVdPjwDgn4mIDXCg3OYppkGRuTYMKDVYgnlBbIpXs0OS2iPI04o1ESY9D4ekgj71bL9WZnTuZuH-D5y_1TqOtutg0v39d7y_aPq89VV29238rVlZcfHyrgYbkwQrdRfTux3fdI1996YMmYnF2LtE0IvZ8fpoephwBSdxfwQdciaNv5qBFu8EXfD_mHqWw1dOEwRZhFDfxhWuVxJWNxTFOecpEomatjnmciy2NKgclMJJmIhcTSMOhYl3IC5dlTVjKelReF5yQpV7uvy5wuGU9LTjll-KOBuADOpBPUZ8JZkaVpUXCkqjyZzwqcBonn5E8yXgk5lFk1IH_stmsM1Oebfg117Yf7T6cH_bTUPt4nbfK8vuK9xCLWgJOvT_EXmTfCNxhUsqqypKKKqypWIgaWzxjLIB1sEEoxxuiRD1P6TjnMCNj5UXSL_6n6ujkOavQQ2juLmDA5-8jg-kjhwxvEn6sTAu5s29qr7urRrh9toRZODc5GODQhjB4ba3pvu9FltLnt52iLj0NuC7ax524Y_03Jm3byH9F-_QZOh-bG HTTP 307
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2086193683&utmhn=setecinvestigations.harvestapp.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Setec%20Investigations%20on%20Harvest&utmhid=981482460&utmr=-&utmp=%2Fclient%2Finvoices%2Fb83bc3af55252a4dc8df887a78300e1c7a47a3ac&utmht=1608654390343&utmac=UA-103886-22&utmcc=__utma%3D186612656.904244615.1608654390.1608654390.1608654390.1%3B%2B__utmz%3D186612656.1608654390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1326729105&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889

25 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request b83bc3af55252a4dc8df887a78300e1c7a47a3ac Show response
setecinvestigations.harvestapp.com/client/invoices/
Redirect Chain

https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg
https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwvBSPLTk_Ssn8TJPpA5aStoHCyMDS28OC0hktaQMWmtJHM6Jg4k6D4EbYDM2Yzm6YwVdPjwDgn4mIDXCg3OYppkGRuT...
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

20 KB
8 KB

685ms
463ms

Document
text/html

2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

Software

nginx /

Resource Hash

89433d8a70a930964df203b91aa07675a9fd0420daec88c2c1f9df1670f5b40e

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp_reports; default-src ; img-src data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google-analytics.com https://.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: setecinvestigations.harvestapp.com
:scheme: https
:path: /client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 22 Dec 2020 16:26:29 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache, no-store
p3p: CP="Our privacy policy is available online: https://www.getharvest.com/services/privacy-policy"
x-app-server: app7
x-robots-tag: noindex, nofollow
content-security-policy: report-uri /csp_reports; default-src *; img-src * data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
etag: W/"89433d8a70a930964df203b91aa07675"
set-cookie: _harvest_sess=1piW%2BcqHdw0H4jyk1lNnG6d1dfu50EyWEBmcocbyByNaECOytYUJKmPK3crydn6FZcQFAoQZaEGcW0R2CHhVve2lFJL4WNUApnrY8huyT%2BNsEZxHrrAXhCWdTEkyylownMHSG1puoRO9s%2F3gFtaEvCB5khilax4lzrih4lDCUldREAg0HeQsPihwf5YAYKAQRX0Fxc%2BIfkSyLVy%2FVqPB9RMUqnKCG08YZplzGL9DaFDOtOGK7zgrulVEmiWlT9Ugd5NxyxRqGDNgERdQAC7WambXmYK%2FUZdkIA09Va9HffZ1M4NCOJTJElejAzNwbu03DQ%3D%3D--rctqus3TqhylN6Ii--741A6Zml4IQN1aLaZxnmdQ%3D%3D; domain=.harvestapp.com; path=/; expires=Wed, 06 Jan 2021 16:26:29 GMT; secure; HttpOnly; SameSite=None
x-request-id: d2782b73af21f7aa6a2d59a00dabdab8
x-runtime: 0.356678
strict-transport-security: max-age=31536000; includeSubDomains
x-server: lb3
content-encoding: gzip

Redirect headers

Date: Tue, 22 Dec 2020 16:26:28 GMT
Content-Length: 0
Connection: keep-alive
Location: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

GET
H2 200 fonts-18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5.css
cache.harvestapp.com/assets/ 208 KB
153 KB 216ms
208ms Stylesheet
text/css 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/assets/fonts-18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5.css
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:29 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 12:51:06 GMT
server: nginx
etag: W/"5f3688ba-33f2a"
content-type: text/css
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:29 GMT

GET
H2 200 client-0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8.css
cache.harvestapp.com/assets/ 73 KB
15 KB 215ms
208ms Stylesheet
text/css 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/assets/client-0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8.css
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:29 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 20:57:08 GMT
server: nginx
etag: W/"5f8f4f24-12560"
content-type: text/css
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:29 GMT

GET
H2 200 error_tracking-e665832b0c49b394e787.js Show response
cache.harvestapp.com/packs/js/ 41 KB
13 KB 317ms
310ms Script
application/javascript 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 21b44d2cb65068612278f747091fcdd426881096ce7216201eb3633e27c74a97

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:29 GMT
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 13:15:34 GMT
server: nginx
etag: W/"5fe1f176-a47b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:29 GMT

GET
H2 200 documents-2a3db7eb526ef6241358.js Show response
cache.harvestapp.com/packs/js/client/ 243 KB
84 KB 317ms
310ms Script
application/javascript 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/packs/js/client/documents-2a3db7eb526ef6241358.js
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 58198ec834d0bee07dee80f185f3bdd38426f9c1f3242bb72c521ee584690a87

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:29 GMT
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 13:15:34 GMT
server: nginx
etag: W/"5fe1f176-3cbf7"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:29 GMT

GET
H2 200 old_browser_warning-bc20c6de53375a898026.js Show response
cache.harvestapp.com/packs/js/ 2 KB
1 KB 102ms
102ms Script
application/javascript 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/packs/js/old_browser_warning-bc20c6de53375a898026.js
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 768db80d861de3be8f353e230eeb9a4bf92f882ee90a6b9aef6d730870d8660e

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:30 GMT
content-encoding: gzip
last-modified: Tue, 22 Dec 2020 13:15:34 GMT
server: nginx
etag: W/"5fe1f176-7b2"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:30 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 191 KB
50 KB 71ms
38ms Script
application/javascript 13.227.209.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-20.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

939adb7a892f2fad68433689b519eba95b093ed36326c710c90aaf1fdec6643e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:24:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 123
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: B97CDA4768B3788A
x-amz-id-2: pu8+4Ai9TpUoZlNO1Mo3QjV2OvjvThOBKksXXSIHLQIBZFb6csb6GzGiS7jn6TcSVPIo163NCoE=
last-modified: Tue, 22 Dec 2020 00:17:17 GMT
server: AmazonS3
etag: W/"56415658be7725579e844bf7947af628"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: AMS54-C1
timing-allow-origin: *
x-amz-cf-id: bPiJG1kZMdL3Qgrq96JCXrX9J76eb2fTD8Be8kzAnT9gd07kP5yKWA==

GET
H2 200 thumbnail.png
proxy.harvestfiles.com/production_harvestapp_public/uploads/account_logos/0006/7722/9934fa7cfb73bca9ab780706194fb199199e2af3/ 13 KB
13 KB 319ms
102ms Image
image/png 2001:1838:2001:e::222
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proxy.harvestfiles.com/production_harvestapp_public/uploads/account_logos/0006/7722/9934fa7cfb73bca9ab780706194fb199199e2af3/thumbnail.png
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::222 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: d7697797470e519dc1059695c0829de7840f1b3a046e0e2793070fc045631c5c

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:30 GMT
last-modified: Tue, 17 Jan 2017 15:59:51 GMT
server: nginx
etag: "db5629c88211e0abb2d7df4f04c4c81e"
content-type: image/png
x-server: lb2
accept-ranges: bytes
content-length: 13097
x-cached: HIT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 77 KB
24 KB 126ms
52ms Script
application/javascript 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e39d3088d6426a7e3654faf93a289fc4d9e55927c343b73c15415974690aec2

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:07:49 GMT
content-encoding: gzip
x-amz-request-id: E4EE6F299BC05606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: gHcrj4oztd0SuIcm3H4PdbGcFsZM7Fh9HD+yg8u+bf2FD5ZX3YV1RbbRCNk3MAF+ScWyiudHjvY=
last-modified: Mon, 21 Dec 2020 19:42:14 GMT
server: AmazonS3
etag: W/"6474330381808a9d059846424b44e334"
vary: Accept-Encoding
x-amz-version-id: pEA7LdGi7jlMCrqdYTPipW1DZA5OxKXB
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: dHxlE-1MfDre8J_RHx8ox1ac7BESgPsCVOYgS6AqamNLTe4tDeQcRA==

GET
H2 200 print-aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d.css
cache.harvestapp.com/assets/ 4 KB
1 KB 103ms
102ms Stylesheet
text/css 2001:1838:2001:e::189
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.harvestapp.com/assets/print-aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d.css
Requested by: Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: nginx /
Resource Hash: aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:30 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 17:54:14 GMT
server: nginx
etag: W/"5f7e00c6-fec"
content-type: text/css
cache-control: max-age=2851200
x-server: lb3
expires: Sun, 24 Jan 2021 16:26:30 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 163ms
149ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://setecinvestigations.harvestapp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 22 Dec 2020 16:26:30 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 149ms
148ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cache.harvestapp.com
URL: https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://setecinvestigations.harvestapp.com/
Bugsnag-Sent-At: 2020-12-22T16:26:30.166Z
Bugsnag-Api-Key: 53973cdd33d63f27f7af7ef238992e9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 22 Dec 2020 16:26:30 GMT
via: 1.1 google
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
50 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B6RVD

Requested by

Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4430cc233dbb0c1874d86f3d375bd5bf369179298367c4787a20bf52a751dcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 16:26:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50585
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Dec 2020 16:26:30 GMT

GET
DATA 200
OK truncated
/ 47 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://setecinvestigations.harvestapp.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ 49 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://setecinvestigations.harvestapp.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ 50 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://setecinvestigations.harvestapp.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.826/ 0
28 KB 24ms
24ms Other
application/javascript 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.826/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:07:50 GMT
content-encoding: gzip
age: 73120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Dec 2020 19:42:14 GMT
server: AmazonS3
etag: W/"18f2a7841c011369ad2f2322bc66e9f1"
vary: Accept-Encoding
x-amz-version-id: cSAib7diCmqpAEkr4FyxIhiowjZlTO32
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: MLkNgm2eMvCGjNC5rQWWAsPQ-CoCeKni6pmaM4dvZZiwPRZFX7qWfQ==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1930
date: Tue, 22 Dec 2020 15:54:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 22 Dec 2020 17:54:20 GMT

GET
H2 200 controller-f76d996af1d213bf0ec2b9516034ce65.html
js.stripe.com/v3/ Frame 10CE 0
0 34ms
34ms Document
text/html 13.227.209.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-f76d996af1d213bf0ec2b9516034ce65.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-20.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-f76d996af1d213bf0ec2b9516034ce65.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://setecinvestigations.harvestapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://setecinvestigations.harvestapp.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 562
x-amz-id-2: nOapxHKfJwj2jlrPHxCqNZraCXr+PtcjaZPLRttoymrp6V05JI7yLDIn1mMbv02FYUFPLJir1Os=
x-amz-request-id: 0296D719D09275B3
last-modified: Mon, 21 Dec 2020 21:01:06 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Tue, 22 Dec 2020 16:21:39 GMT
etag: "f76d996af1d213bf0ec2b9516034ce65"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 6JxeaoE2jerjQ8wf-U6PuVqZ8u1NWEtW9cPL5nmj2HmyAqfLqS0MJw==
age: 292

GET
H2 200 elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
js.stripe.com/v3/ Frame 298F 0
0 33ms
32ms Document
text/html 13.227.209.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-20.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://setecinvestigations.harvestapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://setecinvestigations.harvestapp.com/

Response headers

content-type: text/html; charset=utf-8
x-amz-id-2: TdmquV5KnHf+0/SyWTcsvEUt2ITHBfKJz1wc/SjSLeBZGr4FdnsaUtgvnTnmwDWomFOOX3DzKJ0=
x-amz-request-id: 8J5Z3Y2J7H6WBGBJ
last-modified: Mon, 21 Dec 2020 21:01:06 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Tue, 22 Dec 2020 16:23:19 GMT
etag: "391d24303a402ccdad4ebc7b8d1beca5"
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 0103x5z1jI1ZHarLXx3bdNUPCR8FMsLh-simz1C3aaLkqtp2JJBiFQ==
age: 194

GET
H2 200 link.html
cdn.plaid.com/link/v2/stable/ Frame 1A95 0
0 48ms
48ms Document
text/html 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.plaid.com
:scheme: https
:path: /link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://setecinvestigations.harvestapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://setecinvestigations.harvestapp.com/

Response headers

content-type: text/html
x-amz-id-2: lbTBr8M4q8TOPx8H3z4FHRRZFB7c87D3sb/xbUJgpGLdRQGccdLgffqjvh4XfHZQDlLU2ePjazw=
x-amz-request-id: 5007659D588A78B2
date: Tue, 22 Dec 2020 00:37:29 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Dec 2020 19:42:14 GMT
etag: W/"e6e5da0a52aed541b40d3d9e2a03cba6"
x-amz-server-side-encryption: AES256
cache-control: no-cache,must-revalidate,max-age=0
x-amz-version-id: CoM02pY5EN7UbAW9svTFD9F.8NPUDWbw
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BMWLxnFtGjUpJdgMnFqOy86naBqCz1b6TAoRc8K1Ia1xkfnx47WGVQ==

GET
H2 200 m-outer-59cdd15d8db95826a41100f00b589171.html
js.stripe.com/v3/ Frame 41A3 0
0 34ms
34ms Document
text/html 13.227.209.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-20.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-59cdd15d8db95826a41100f00b589171.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://setecinvestigations.harvestapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://setecinvestigations.harvestapp.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: QOaYS6I7ce4OcWQqClOfu4GhHgqnOQyGOZ0VIwTDhdRK2SngM0rI6vhIydpx7KOBWumJOMkW7+s=
x-amz-request-id: 0EB6BD9C02C8A891
last-modified: Thu, 10 Dec 2020 15:57:35 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Tue, 22 Dec 2020 16:25:10 GMT
etag: "59cdd15d8db95826a41100f00b589171"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: ZBS7zOqQYiCfuNdFTn4n8rIYzTUpsoQ2VmpDPQRg5DfnpLKWTJfJKg==
age: 81

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2086193683&utmhn=setecinvestigations.harvestapp.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889

42 B
107 B

19ms
19ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889

Requested by

Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Dec 2020 16:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Dec 2020 16:26:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B6RVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2157
date: Tue, 22 Dec 2020 15:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 22 Dec 2020 17:50:34 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
78 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=981482460&t=pageview&_s=1&dl=https%3A%2F%2Fsetecinvestigations.harvestapp.com%2Fclient%2Finvoices%2Fb83bc3af55252a4dc8df887a78300e1c7a47a3ac&dp=%2Fclient%2Finvoices%2Fshow&ul=en-us&de=UTF-8&dt=Setec%20Investigations%20on%20Harvest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1562900302&gjid=468830741&cid=914160002.1608654391&tid=UA-103886-9&_gid=1288391300.1608654391&_r=1&gtm=2wgbu05B6RVD&cd1=business&cd2=None&cd3=Guest&cd4=N%2FA&z=1196919791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://setecinvestigations.harvestapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
100 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&gjid=468830741&_gid=1288391300.1608654391&_u=YEBAAAAAAAAAAC~&z=2057212280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Dec 2020 16:26:31 GMT
content-type: text/plain
access-control-allow-origin: https://setecinvestigations.harvestapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 20ms
20ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&_u=YEBAAAAAAAAAAC~&z=1599391100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 49ms
35ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&_u=YEBAAAAAAAAAAC~&z=1599391100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://setecinvestigations.harvestapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js(Line 1) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /csp_reports; default-src ; img-src data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.google-analytics.com https://.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cache.harvestapp.com
cdn.plaid.com
js.stripe.com
protect-us.mimecast.com
proxy.harvestfiles.com
sessions.bugsnag.com
setecinvestigations.harvestapp.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.227.209.20
2001:1838:2001:e::189
2001:1838:2001:e::222
205.139.111.113
2600:1901:0:7a0b::
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:817::2003
2a00:1450:4001:81b::2008
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9d
65.9.68.2
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5
21b44d2cb65068612278f747091fcdd426881096ce7216201eb3633e27c74a97
3e39d3088d6426a7e3654faf93a289fc4d9e55927c343b73c15415974690aec2
4430cc233dbb0c1874d86f3d375bd5bf369179298367c4787a20bf52a751dcd4
58198ec834d0bee07dee80f185f3bdd38426f9c1f3242bb72c521ee584690a87
768db80d861de3be8f353e230eeb9a4bf92f882ee90a6b9aef6d730870d8660e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89433d8a70a930964df203b91aa07675a9fd0420daec88c2c1f9df1670f5b40e
939adb7a892f2fad68433689b519eba95b093ed36326c710c90aaf1fdec6643e
aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d
d7697797470e519dc1059695c0829de7840f1b3a046e0e2793070fc045631c5c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

setecinvestigations.harvestapp.com Open in urlscan Pro 2001:1838:2001:e::189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

77 %IPv6

11 Domains

13 Subdomains

13 IPs

3 Countries

477 kBTransfer

1254 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

setecinvestigations.harvestapp.com Open in urlscan Pro
2001:1838:2001:e::189 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

477 kB
Transfer

1254 kB
Size

0
Cookies

25 HTTP transactions
3 data transactions