setecinvestigations.harvestapp.com Open in urlscan Pro
2001:1838:2001:e::189  Public Scan

Submitted URL: https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg
Effective URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Submission: On December 22 via manual from US

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2001:1838:2001:e::189, located in United States and belongs to SERVERCENTRAL, US. The main domain is setecinvestigations.harvestapp.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 14th 2020. Valid for: 2 years.
This is the only time setecinvestigations.harvestapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 cache.harvestapp.com setecinvestigations.harvestapp.com
4 js.stripe.com setecinvestigations.harvestapp.com
js.stripe.com
3 cdn.plaid.com setecinvestigations.harvestapp.com
cdn.plaid.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de setecinvestigations.harvestapp.com
2 www.google.com 1 redirects
2 stats.g.doubleclick.net 1 redirects www.google-analytics.com
2 ssl.google-analytics.com 1 redirects setecinvestigations.harvestapp.com
2 sessions.bugsnag.com cache.harvestapp.com
2 protect-us.mimecast.com 2 redirects
1 www.googletagmanager.com setecinvestigations.harvestapp.com
1 proxy.harvestfiles.com setecinvestigations.harvestapp.com
1 setecinvestigations.harvestapp.com
25 13

This site contains links to these domains. Also see Links.

Domain
www.getharvest.com
Subject Issuer Validity Valid
*.harvestapp.com
GeoTrust RSA CA 2018
2020-02-14 -
2022-03-04
2 years crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2020-09-22 -
2021-02-03
4 months crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA
2020-04-17 -
2022-04-22
2 years crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-18 -
2021-05-18
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh

This page contains 5 frames:

Primary Page: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Frame ID: 6140AE53CFBEFA9B954477CDD5BCE540
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f76d996af1d213bf0ec2b9516034ce65.html
Frame ID: 10CE3452D97AB52534FE975C52D4D0B3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
Frame ID: 298F131EE5416715CBA9F8AD17626E19
Requests: 1 HTTP requests in this frame

Frame: https://cdn.plaid.com/link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
Frame ID: 1A95BCADE09EEB83E5C9AC859F3C8C40
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Frame ID: 41A3EEDFA87A7A5702828C3B623B7783
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg HTTP 307
    https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwv... HTTP 307
    https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

25
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

477 kB
Transfer

1254 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg HTTP 307
    https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwvBSPLTk_Ssn8TJPpA5aStoHCyMDS28OC0hktaQMWmtJHM6Jg4k6D4EbYDM2Yzm6YwVdPjwDgn4mIDXCg3OYppkGRuTYMKDVYgnlBbIpXs0OS2iPI04o1ESY9D4ekgj71bL9WZnTuZuH-D5y_1TqOtutg0v39d7y_aPq89VV29238rVlZcfHyrgYbkwQrdRfTux3fdI1996YMmYnF2LtE0IvZ8fpoephwBSdxfwQdciaNv5qBFu8EXfD_mHqWw1dOEwRZhFDfxhWuVxJWNxTFOecpEomatjnmciy2NKgclMJJmIhcTSMOhYl3IC5dlTVjKelReF5yQpV7uvy5wuGU9LTjll-KOBuADOpBPUZ8JZkaVpUXCkqjyZzwqcBonn5E8yXgk5lFk1IH_stmsM1Oebfg117Yf7T6cH_bTUPt4nbfK8vuK9xCLWgJOvT_EXmTfCNxhUsqqypKKKqypWIgaWzxjLIB1sEEoxxuiRD1P6TjnMCNj5UXSL_6n6ujkOavQQ2juLmDA5-8jg-kjhwxvEn6sTAu5s29qr7urRrh9toRZODc5GODQhjB4ba3pvu9FltLnt52iLj0NuC7ax524Y_03Jm3byH9F-_QZOh-bG HTTP 307
    https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2086193683&utmhn=setecinvestigations.harvestapp.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Setec%20Investigations%20on%20Harvest&utmhid=981482460&utmr=-&utmp=%2Fclient%2Finvoices%2Fb83bc3af55252a4dc8df887a78300e1c7a47a3ac&utmht=1608654390343&utmac=UA-103886-22&utmcc=__utma%3D186612656.904244615.1608654390.1608654390.1608654390.1%3B%2B__utmz%3D186612656.1608654390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1326729105&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request b83bc3af55252a4dc8df887a78300e1c7a47a3ac
setecinvestigations.harvestapp.com/client/invoices/
Redirect Chain
  • https://protect-us.mimecast.com/s/JXoWCNk746UZp7AJfmIvJg
  • https://protect-us.mimecast.com/redirect/eNptUmGL2zAM_SvFn9vUdpImKWO0dLsdo71Bd-1tRyE4tpq4i-Nguy3H2H-f0jsYGwvBSPLTk_Ssn8TJPpA5aStoHCyMDS28OC0hktaQMWmtJHM6Jg4k6D4EbYDM2Yzm6YwVdPjwDgn4mIDXCg3OYppkGRuT...
  • https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
20 KB
8 KB
Document
General
Full URL
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
89433d8a70a930964df203b91aa07675a9fd0420daec88c2c1f9df1670f5b40e
Security Headers
Name Value
Content-Security-Policy report-uri /csp_reports; default-src *; img-src * data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
setecinvestigations.harvestapp.com
:scheme
https
:path
/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Tue, 22 Dec 2020 16:26:29 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
cache-control
no-cache, no-store
p3p
CP="Our privacy policy is available online: https://www.getharvest.com/services/privacy-policy"
x-app-server
app7
x-robots-tag
noindex, nofollow
content-security-policy
report-uri /csp_reports; default-src *; img-src * data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
etag
W/"89433d8a70a930964df203b91aa07675"
set-cookie
_harvest_sess=1piW%2BcqHdw0H4jyk1lNnG6d1dfu50EyWEBmcocbyByNaECOytYUJKmPK3crydn6FZcQFAoQZaEGcW0R2CHhVve2lFJL4WNUApnrY8huyT%2BNsEZxHrrAXhCWdTEkyylownMHSG1puoRO9s%2F3gFtaEvCB5khilax4lzrih4lDCUldREAg0HeQsPihwf5YAYKAQRX0Fxc%2BIfkSyLVy%2FVqPB9RMUqnKCG08YZplzGL9DaFDOtOGK7zgrulVEmiWlT9Ugd5NxyxRqGDNgERdQAC7WambXmYK%2FUZdkIA09Va9HffZ1M4NCOJTJElejAzNwbu03DQ%3D%3D--rctqus3TqhylN6Ii--741A6Zml4IQN1aLaZxnmdQ%3D%3D; domain=.harvestapp.com; path=/; expires=Wed, 06 Jan 2021 16:26:29 GMT; secure; HttpOnly; SameSite=None
x-request-id
d2782b73af21f7aa6a2d59a00dabdab8
x-runtime
0.356678
strict-transport-security
max-age=31536000; includeSubDomains
x-server
lb3
content-encoding
gzip

Redirect headers

Date
Tue, 22 Dec 2020 16:26:28 GMT
Content-Length
0
Connection
keep-alive
Location
https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
fonts-18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5.css
cache.harvestapp.com/assets/
208 KB
153 KB
Stylesheet
General
Full URL
https://cache.harvestapp.com/assets/fonts-18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5.css
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:29 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 12:51:06 GMT
server
nginx
etag
W/"5f3688ba-33f2a"
content-type
text/css
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:29 GMT
client-0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8.css
cache.harvestapp.com/assets/
73 KB
15 KB
Stylesheet
General
Full URL
https://cache.harvestapp.com/assets/client-0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8.css
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:29 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 20:57:08 GMT
server
nginx
etag
W/"5f8f4f24-12560"
content-type
text/css
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:29 GMT
error_tracking-e665832b0c49b394e787.js
cache.harvestapp.com/packs/js/
41 KB
13 KB
Script
General
Full URL
https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
21b44d2cb65068612278f747091fcdd426881096ce7216201eb3633e27c74a97

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:29 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 13:15:34 GMT
server
nginx
etag
W/"5fe1f176-a47b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:29 GMT
documents-2a3db7eb526ef6241358.js
cache.harvestapp.com/packs/js/client/
243 KB
84 KB
Script
General
Full URL
https://cache.harvestapp.com/packs/js/client/documents-2a3db7eb526ef6241358.js
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
58198ec834d0bee07dee80f185f3bdd38426f9c1f3242bb72c521ee584690a87

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:29 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 13:15:34 GMT
server
nginx
etag
W/"5fe1f176-3cbf7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:29 GMT
old_browser_warning-bc20c6de53375a898026.js
cache.harvestapp.com/packs/js/
2 KB
1 KB
Script
General
Full URL
https://cache.harvestapp.com/packs/js/old_browser_warning-bc20c6de53375a898026.js
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
768db80d861de3be8f353e230eeb9a4bf92f882ee90a6b9aef6d730870d8660e

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:30 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 13:15:34 GMT
server
nginx
etag
W/"5fe1f176-7b2"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:30 GMT
/
js.stripe.com/v3/
191 KB
50 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-209-20.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
939adb7a892f2fad68433689b519eba95b093ed36326c710c90aaf1fdec6643e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:24:27 GMT
content-encoding
gzip
vary
Accept-Encoding
age
123
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
B97CDA4768B3788A
x-amz-id-2
pu8+4Ai9TpUoZlNO1Mo3QjV2OvjvThOBKksXXSIHLQIBZFb6csb6GzGiS7jn6TcSVPIo163NCoE=
last-modified
Tue, 22 Dec 2020 00:17:17 GMT
server
AmazonS3
etag
W/"56415658be7725579e844bf7947af628"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
AMS54-C1
timing-allow-origin
*
x-amz-cf-id
bPiJG1kZMdL3Qgrq96JCXrX9J76eb2fTD8Be8kzAnT9gd07kP5yKWA==
thumbnail.png
proxy.harvestfiles.com/production_harvestapp_public/uploads/account_logos/0006/7722/9934fa7cfb73bca9ab780706194fb199199e2af3/
13 KB
13 KB
Image
General
Full URL
https://proxy.harvestfiles.com/production_harvestapp_public/uploads/account_logos/0006/7722/9934fa7cfb73bca9ab780706194fb199199e2af3/thumbnail.png
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::222 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
d7697797470e519dc1059695c0829de7840f1b3a046e0e2793070fc045631c5c

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:30 GMT
last-modified
Tue, 17 Jan 2017 15:59:51 GMT
server
nginx
etag
"db5629c88211e0abb2d7df4f04c4c81e"
content-type
image/png
x-server
lb2
accept-ranges
bytes
content-length
13097
x-cached
HIT
link-initialize.js
cdn.plaid.com/link/v2/stable/
77 KB
24 KB
Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e39d3088d6426a7e3654faf93a289fc4d9e55927c343b73c15415974690aec2

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 20:07:49 GMT
content-encoding
gzip
x-amz-request-id
E4EE6F299BC05606
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
gHcrj4oztd0SuIcm3H4PdbGcFsZM7Fh9HD+yg8u+bf2FD5ZX3YV1RbbRCNk3MAF+ScWyiudHjvY=
last-modified
Mon, 21 Dec 2020 19:42:14 GMT
server
AmazonS3
etag
W/"6474330381808a9d059846424b44e334"
vary
Accept-Encoding
x-amz-version-id
pEA7LdGi7jlMCrqdYTPipW1DZA5OxKXB
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
dHxlE-1MfDre8J_RHx8ox1ac7BESgPsCVOYgS6AqamNLTe4tDeQcRA==
print-aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d.css
cache.harvestapp.com/assets/
4 KB
1 KB
Stylesheet
General
Full URL
https://cache.harvestapp.com/assets/print-aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d.css
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1838:2001:e::189 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
nginx /
Resource Hash
aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:30 GMT
content-encoding
gzip
last-modified
Wed, 07 Oct 2020 17:54:14 GMT
server
nginx
etag
W/"5f7e00c6-fec"
content-type
text/css
cache-control
max-age=2851200
x-server
lb3
expires
Sun, 24 Jan 2021 16:26:30 GMT
/
sessions.bugsnag.com/ Frame
0
0
Other
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://setecinvestigations.harvestapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Tue, 22 Dec 2020 16:26:30 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/
21 B
97 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cache.harvestapp.com
URL: https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://setecinvestigations.harvestapp.com/
Bugsnag-Sent-At
2020-12-22T16:26:30.166Z
Bugsnag-Api-Key
53973cdd33d63f27f7af7ef238992e9b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 22 Dec 2020 16:26:30 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
gtm.js
www.googletagmanager.com/
144 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5B6RVD
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4430cc233dbb0c1874d86f3d375bd5bf369179298367c4787a20bf52a751dcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 16:26:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50585
x-xss-protection
0
last-modified
Tue, 22 Dec 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Dec 2020 16:26:30 GMT
truncated
/
47 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://setecinvestigations.harvestapp.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
49 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://setecinvestigations.harvestapp.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
50 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://setecinvestigations.harvestapp.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
link-dynamic-loader.js
cdn.plaid.com/link/2.0.826/
0
28 KB
Other
General
Full URL
https://cdn.plaid.com/link/2.0.826/link-dynamic-loader.js
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 20:07:50 GMT
content-encoding
gzip
age
73120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Dec 2020 19:42:14 GMT
server
AmazonS3
etag
W/"18f2a7841c011369ad2f2322bc66e9f1"
vary
Accept-Encoding
x-amz-version-id
cSAib7diCmqpAEkr4FyxIhiowjZlTO32
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
MLkNgm2eMvCGjNC5rQWWAsPQ-CoCeKni6pmaM4dvZZiwPRZFX7qWfQ==
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1930
date
Tue, 22 Dec 2020 15:54:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 22 Dec 2020 17:54:20 GMT
controller-f76d996af1d213bf0ec2b9516034ce65.html
js.stripe.com/v3/ Frame 10CE
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-f76d996af1d213bf0ec2b9516034ce65.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-209-20.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-f76d996af1d213bf0ec2b9516034ce65.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://setecinvestigations.harvestapp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://setecinvestigations.harvestapp.com/

Response headers

content-type
text/html; charset=utf-8
content-length
562
x-amz-id-2
nOapxHKfJwj2jlrPHxCqNZraCXr+PtcjaZPLRttoymrp6V05JI7yLDIn1mMbv02FYUFPLJir1Os=
x-amz-request-id
0296D719D09275B3
last-modified
Mon, 21 Dec 2020 21:01:06 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date
Tue, 22 Dec 2020 16:21:39 GMT
etag
"f76d996af1d213bf0ec2b9516034ce65"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
6JxeaoE2jerjQ8wf-U6PuVqZ8u1NWEtW9cPL5nmj2HmyAqfLqS0MJw==
age
292
elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
js.stripe.com/v3/ Frame 298F
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-209-20.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-card-391d24303a402ccdad4ebc7b8d1beca5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://setecinvestigations.harvestapp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://setecinvestigations.harvestapp.com/

Response headers

content-type
text/html; charset=utf-8
x-amz-id-2
TdmquV5KnHf+0/SyWTcsvEUt2ITHBfKJz1wc/SjSLeBZGr4FdnsaUtgvnTnmwDWomFOOX3DzKJ0=
x-amz-request-id
8J5Z3Y2J7H6WBGBJ
last-modified
Mon, 21 Dec 2020 21:01:06 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Tue, 22 Dec 2020 16:23:19 GMT
etag
"391d24303a402ccdad4ebc7b8d1beca5"
cache-control
public, max-age=300
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
0103x5z1jI1ZHarLXx3bdNUPCR8FMsLh-simz1C3aaLkqtp2JJBiFQ==
age
194
link.html
cdn.plaid.com/link/v2/stable/ Frame 1A95
0
0
Document
General
Full URL
https://cdn.plaid.com/link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.plaid.com
:scheme
https
:path
/link/v2/stable/link.html?countryCodes=US&env=production&isLinkInitialize=true&key=4440bd551952832228fd520ff363be&origin=https%3A%2F%2Fsetecinvestigations.harvestapp.com&product=auth&uniqueId=1&version=2.0.826
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://setecinvestigations.harvestapp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://setecinvestigations.harvestapp.com/

Response headers

content-type
text/html
x-amz-id-2
lbTBr8M4q8TOPx8H3z4FHRRZFB7c87D3sb/xbUJgpGLdRQGccdLgffqjvh4XfHZQDlLU2ePjazw=
x-amz-request-id
5007659D588A78B2
date
Tue, 22 Dec 2020 00:37:29 GMT
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Dec 2020 19:42:14 GMT
etag
W/"e6e5da0a52aed541b40d3d9e2a03cba6"
x-amz-server-side-encryption
AES256
cache-control
no-cache,must-revalidate,max-age=0
x-amz-version-id
CoM02pY5EN7UbAW9svTFD9F.8NPUDWbw
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
BMWLxnFtGjUpJdgMnFqOy86naBqCz1b6TAoRc8K1Ia1xkfnx47WGVQ==
m-outer-59cdd15d8db95826a41100f00b589171.html
js.stripe.com/v3/ Frame 41A3
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.209.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-209-20.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://setecinvestigations.harvestapp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://setecinvestigations.harvestapp.com/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
QOaYS6I7ce4OcWQqClOfu4GhHgqnOQyGOZ0VIwTDhdRK2SngM0rI6vhIydpx7KOBWumJOMkW7+s=
x-amz-request-id
0EB6BD9C02C8A891
last-modified
Thu, 10 Dec 2020 15:57:35 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Tue, 22 Dec 2020 16:25:10 GMT
etag
"59cdd15d8db95826a41100f00b589171"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
ZBS7zOqQYiCfuNdFTn4n8rIYzTUpsoQ2VmpDPQRg5DfnpLKWTJfJKg==
age
81
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2086193683&utmhn=setecinvestigations.harvestapp.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889
Requested by
Host: setecinvestigations.harvestapp.com
URL: https://setecinvestigations.harvestapp.com/client/invoices/b83bc3af55252a4dc8df887a78300e1c7a47a3ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Dec 2020 16:26:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Dec 2020 16:26:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103886-22&cid=904244615.1608654390&jid=1326729105&_v=5.7.2&z=2086193683&slf_rd=1&random=1644920889
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B6RVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2157
date
Tue, 22 Dec 2020 15:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 22 Dec 2020 17:50:34 GMT
collect
www.google-analytics.com/j/
2 B
78 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=981482460&t=pageview&_s=1&dl=https%3A%2F%2Fsetecinvestigations.harvestapp.com%2Fclient%2Finvoices%2Fb83bc3af55252a4dc8df887a78300e1c7a47a3ac&dp=%2Fclient%2Finvoices%2Fshow&ul=en-us&de=UTF-8&dt=Setec%20Investigations%20on%20Harvest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1562900302&gjid=468830741&cid=914160002.1608654391&tid=UA-103886-9&_gid=1288391300.1608654391&_r=1&gtm=2wgbu05B6RVD&cd1=business&cd2=None&cd3=Guest&cd4=N%2FA&z=1196919791
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://setecinvestigations.harvestapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
100 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&gjid=468830741&_gid=1288391300.1608654391&_u=YEBAAAAAAAAAAC~&z=2057212280
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 22 Dec 2020 16:26:31 GMT
content-type
text/plain
access-control-allow-origin
https://setecinvestigations.harvestapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
88 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&_u=YEBAAAAAAAAAAC~&z=1599391100
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
483 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-103886-9&cid=914160002.1608654391&jid=1562900302&_u=YEBAAAAAAAAAAC~&z=1599391100
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://setecinvestigations.harvestapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Dec 2020 16:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Bugsnag function| jQuery function| $ object| dataLayer function| Stripe object| google_tag_manager object| google_tag_data object| Plaid object| __core-js_shared__ object| core object| _gaq object| _gat object| gaGlobal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

0 Cookies

1 Console Messages

Source Level URL
Text
console-api debug URL: https://cache.harvestapp.com/packs/js/error_tracking-e665832b0c49b394e787.js(Line 1)
Message:
[bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri /csp_reports; default-src *; img-src * data:; font-src data: cache.harvestapp.com https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.nr-data.net https://ajax.googleapis.com cache.harvestapp.com https://platform.twitter.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://connect.facebook.net https://googleads.g.doubleclick.net https://cdn.plaid.com https://tagmanager.google.com https://bat.bing.com https://ct.capterra.com https://checkout.stripe.com https://js.stripe.com https://q.stripe.com; style-src 'self' 'unsafe-inline' cache.harvestapp.com https://www.google.com https://tagmanager.google.com https://fonts.googleapis.com https://checkout.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cache.harvestapp.com
cdn.plaid.com
js.stripe.com
protect-us.mimecast.com
proxy.harvestfiles.com
sessions.bugsnag.com
setecinvestigations.harvestapp.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.227.209.20
2001:1838:2001:e::189
2001:1838:2001:e::222
205.139.111.113
2600:1901:0:7a0b::
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:817::2003
2a00:1450:4001:81b::2008
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9d
65.9.68.2
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bb7d4ebf0023c30476490c0623e633948e9244dee5f4a3f386a412ff94cb7d8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18e018146cdc38523b3282782ecbb9e034ba41371c65640088469e435c43f8a5
21b44d2cb65068612278f747091fcdd426881096ce7216201eb3633e27c74a97
3e39d3088d6426a7e3654faf93a289fc4d9e55927c343b73c15415974690aec2
4430cc233dbb0c1874d86f3d375bd5bf369179298367c4787a20bf52a751dcd4
58198ec834d0bee07dee80f185f3bdd38426f9c1f3242bb72c521ee584690a87
768db80d861de3be8f353e230eeb9a4bf92f882ee90a6b9aef6d730870d8660e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89433d8a70a930964df203b91aa07675a9fd0420daec88c2c1f9df1670f5b40e
939adb7a892f2fad68433689b519eba95b093ed36326c710c90aaf1fdec6643e
aac1154493e2fb964d57c187ea1d6f990b82e81c10d9f556ba054f5ce31cd93d
d7697797470e519dc1059695c0829de7840f1b3a046e0e2793070fc045631c5c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629