upload.fairwaybilling.com Open in urlscan Pro
98.115.148.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://upload.fairwaybilling.com/
Submission: On October 13 via automatic, source certstream-suspicious (October 13th 2021, 8:23:53 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 16 HTTP transactions. The main IP is 98.115.148.231, located in Norristown, United States and belongs to UUNET, US. The main domain is upload.fairwaybilling.com.
TLS certificate: Issued by R3 on October 13th 2021. Valid for: 3 months.

This is the only time upload.fairwaybilling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	98.115.148.231 98.115.148.231	701 (UUNET) (UUNET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	94.31.29.64 94.31.29.64	6461 (ZAYO-6461) (ZAYO-6461)
1	104.196.144.125 104.196.144.125	15169 (GOOGLE) (GOOGLE)
16	5

8 98.115.148.231 (Norristown, United States)

ASN701 (UUNET, US)
PTR: www.csrc.com

upload.fairwaybilling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.64 (United Kingdom) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.64.IPYX-077437-ZYO.above.net

xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.196.144.125 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 125.144.196.104.bc.googleusercontent.com

www.relatient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fairwaybilling.com upload.fairwaybilling.com	968 KB
4	fontawesome.com use.fontawesome.com	88 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	relatient.com www.relatient.com	8 KB
1	netdna-ssl.com 1 redirects xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com	149 B
1	jquery.com code.jquery.com	29 KB
16	6

	Domain	Requested by
8	upload.fairwaybilling.com	upload.fairwaybilling.com
4	use.fontawesome.com	upload.fairwaybilling.com use.fontawesome.com
2	fonts.googleapis.com	upload.fairwaybilling.com
1	www.relatient.com	upload.fairwaybilling.com
1	xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com	1 redirects
1	code.jquery.com	upload.fairwaybilling.com
16	6

This site contains links to these domains. Also see Links.

Domain
www.fairwaybilling.com
exchangeedi.com
email.relatient.net

Subject Issuer	Validity	Valid
www.csrc.com R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.relatient.com R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://upload.fairwaybilling.com/
Frame ID: 18BF1320C87C7A258B516AD25EDBFFF0
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

C&S Research Corporation | Provision

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

1097 kB
Transfer

1189 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.fairwaybilling.com/
Title: Learn More

Search URL Search Domain Scan URL

URL: http://exchangeedi.com/
Title: More Info

Search URL Search Domain Scan URL

URL: http://email.relatient.net/?hs_preview=FdkOCPzl-31428115938
Title: Click Details

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png HTTP 301
https://www.relatient.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
upload.fairwaybilling.com/ 9 KB
9 KB 328ms
105ms Document
text/html 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 / PHP/5.6.38
Resource Hash: 54ff08a21a8f7a5d68e8ec97e246d6d1b93ab39c13146a3b59de1945126a4344

Request headers

Host: upload.fairwaybilling.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 13 Oct 2021 08:23:46 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
X-Powered-By: PHP/5.6.38
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style_resp.css
upload.fairwaybilling.com/ 19 KB
20 KB 102ms
102ms Stylesheet
text/css 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://upload.fairwaybilling.com/style_resp.css
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: 556177f1d780f38c09f4333c394bcfbee70313a7ee04a1dc76adde5d973dc44f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:46 GMT
Last-Modified: Mon, 26 Jul 2021 18:48:54 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "4d29-5c80b347eb346"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19753

GET
H/1.1 200
OK accordion.css
upload.fairwaybilling.com/ 3 KB
4 KB 292ms
99ms Stylesheet
text/css 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://upload.fairwaybilling.com/accordion.css
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: da1490fb9e939941ef6f2b77ed6d96403a13e1cb3240cfff30551e2a5e1030f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:46 GMT
Last-Modified: Mon, 12 Feb 2018 15:35:42 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "d26-56505a185395c"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3366

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bbd33699a44514373f2c019844adf69e8f02fe660a54215e725071f9fe7e750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 07:28:17 GMT
server: ESF
date: Wed, 13 Oct 2021 08:23:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 08:23:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2abd78a393bf89415c3eb149bd99f3c2ded21ccfad7d0fcf6b764622eac18ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 08:23:47 GMT
server: ESF
date: Wed, 13 Oct 2021 08:23:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 08:23:47 GMT

GET
H2 200 154775effe.js Show response
use.fontawesome.com/ 9 KB
4 KB 31ms
14ms Script
text/javascript 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/154775effe.js
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f624a852613b76b75f7922347de5721c9edfc8eedd573e606019940f7ce4cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: A73GFB34WQXKPCRX
x-amz-id-2: Jw2cK09AjNznOZMlmDhzinE6/j9JSBYgxEFbyzEDJpLUeSvHKy8Jg4rLm2TLZI/qH62smOtG7kg=
last-modified: Wed, 30 Jun 2021 16:58:03 GMT
server: cloudflare
etag: W/"fd61305bc82ca41c2fc14e3f3dde326d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEqDJ6CnIzixa7V0Jn41oG0SpTUwDgFTr6M%2F6NNiVSj45iUnPAJ8RaP8K5Z70Qo4hgBwqthNwphEUO1woMbV728G%2FuwpHniyzW1Ikn6XPlWDsoCiJAgkwfbaIiRGlY9ZmzDuImCyFmf8bFwIf%2BigbAbO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 69d72af88b4442db-FRA

GET
H2 200 jquery-2.2.3.min.js Show response
code.jquery.com/ 84 KB
29 KB 26ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.3.min.js
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:47 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2016 19:27:05 GMT
server: nginx
etag: W/"57041189-14e9b"
vary: Accept-Encoding
x-hw: 1634113427.dop205.fr8.t,1634113427.cds214.fr8.hn,1634113427.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29881

GET
H/1.1 200
OK logo_provision_300.png
upload.fairwaybilling.com/images/ 99 KB
99 KB 116ms
103ms Image
image/png 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.fairwaybilling.com/images/logo_provision_300.png
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: feea6853261a45c1dc0453df81b1941397580f26dc8f87cde47dab24584463d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:46 GMT
Last-Modified: Mon, 12 Feb 2018 15:30:43 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "18a7c-565058faced03"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 100988

GET
H/1.1 200
OK logo_fairwayMS_200.png
upload.fairwaybilling.com/images/ 74 KB
74 KB 100ms
100ms Image
image/png 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.fairwaybilling.com/images/logo_fairwayMS_200.png
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: 816b46bdd2450f12c21d2ce1da656c047b238d3a48a77a7b250ee7b07793dda5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:46 GMT
Last-Modified: Fri, 23 Aug 2019 17:57:57 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "1272d-590cc8bdc4ba1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 75565

GET
H/1.1 200
OK logo_exchange_EDI_200.png
upload.fairwaybilling.com/images/ 80 KB
80 KB 196ms
103ms Image
image/png 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.fairwaybilling.com/images/logo_exchange_EDI_200.png
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: 4f9ba4c3b175107e4446185dfb8a4037d045e458d93f5ebda8bb934770b2516d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:47 GMT
Last-Modified: Wed, 28 Mar 2018 19:02:21 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "14013-5687da589b307"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 81939

GET
H2

200

RELATIENT_logo-medres.png
www.relatient.com/wp-content/uploads/2017/03/
Redirect Chain

https://xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png
https://www.relatient.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png

8 KB
8 KB

532ms
209ms

Image
image/png

104.196.144.125
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.relatient.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.144.125 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.144.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 91431d20554141fd25856e834d5ce53ad0895811db53bd3bad2110d474979107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:48 GMT
last-modified: Wed, 17 Jun 2020 02:30:09 GMT
server: nginx
etag: "5ee98031-1fcd"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8141

Redirect headers

location: http://www.relatient.com/wp-content/uploads/2017/03/RELATIENT_logo-medres.png
date: Wed, 13 Oct 2021 08:23:47 GMT
server: NetDNA-cache/2.2
content-length: 162
x-cache: MISS
content-type: text/html

GET
H2 200 154775effe.css
use.fontawesome.com/ 1 KB
759 B 13ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/154775effe.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/154775effe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb2c6be0190801d34a590851e62e5b21d717fd1726d2b9743a6589c00a8814a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: A73TNJBFCQG59SEJ
x-amz-id-2: sELO40r1NI69lTHEczfGglLgShqJ121THRmbQKEqRw5AH3KeWoVPTWxGUZKe2ObyWwdFglHrTfo=
last-modified: Wed, 30 Jun 2021 16:58:03 GMT
server: cloudflare
etag: W/"cdec5d6c5f1c19ceaf32b1cf1dd35f36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZQd8IrZEAeUKcvSL4drGzcIJo03UTUA63sT4u6T3gorRNBWMomIhLoCH8nbeUC0YWBUDAD1nq4OWtLDg3fAlQ5UYNpHzgZEgoU1efeZQ0%2B50wTEsEWpBUmLgBPwnJO8c0kgG%2FwUocePUvFAbzyAEcQc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 69d72afa4f8c42db-FRA

GET
H/1.1 200
OK iStock_heartbeat.jpg
upload.fairwaybilling.com/images/ 333 KB
333 KB 302ms
104ms Image
image/jpeg 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.fairwaybilling.com/images/iStock_heartbeat.jpg
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/style_resp.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: 5be2f65252bbed0b2ce956ccd3bc8c452aaa3a2032ff8ef3b3c7aa078a4b1a13

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://upload.fairwaybilling.com/style_resp.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/style_resp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:47 GMT
Last-Modified: Mon, 12 Feb 2018 15:30:16 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "5331d-565058e17c914"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 340765

GET
H/1.1 200
OK bg_abstract.png
upload.fairwaybilling.com/images/ 349 KB
350 KB 299ms
101ms Image
image/png 98.115.148.231
UUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.fairwaybilling.com/images/bg_abstract.png
Requested by: Host: upload.fairwaybilling.com
URL: https://upload.fairwaybilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 98.115.148.231 Norristown, United States, ASN701 (UUNET, US),
Reverse DNS: www.csrc.com
Software: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38 /
Resource Hash: dd326b4db1c817dc54fd518a2656e72f24f415543f6230fb5640c5444e3cdafe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://upload.fairwaybilling.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://upload.fairwaybilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 08:23:47 GMT
Last-Modified: Mon, 12 Feb 2018 15:25:38 GMT
Server: Apache/2.4.49 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/5.6.38
ETag: "574ca-565057d83606b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 357578

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 13ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/154775effe.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/154775effe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8511384
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCdylGCi7nsOrVXUy%2BGwbhX9nm98iiy%2Bj2xKaFc37FrUMHC0HcceUxEIm9Vudr7KStSztM9bNnwx1Gt3iENgmWKLiMEUfjE80pE4%2BVImMg3N0y1NVA1kKCIeTSmBg%2BAEn96CRgGm4%2F9OzaKEktTM0bwI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 69d72afa6fc942db-FRA

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 225ms
210ms Font
application/font-woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/154775effe.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/154775effe.css
Origin: https://upload.fairwaybilling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:23:47 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JCV2CX4XQRC5NJ3N
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-amz-id-2: Bkx5QxWZrXMEuGAz/nvJpTvDyA9OwmrlBoJ0O2bMF2t5Njzy2zMBGqPIdCFU3CFZ5TjgkqX4Ed0=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsJCeXTuzAhReUTp0tY5pn8eEnNooQKD3%2F2SehJDHT9Jvexw3V1X39S6%2BDIDHYl5REDpNgmyutI5fI6ucIQuQ1D46UVOKRebrSNBWtU70VE2g5QKqAdzF7YIhFlt6wHHYUYMRcXkCd1z4cnUiFliOVr8"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 69d72afaaca8dfd7-FRA

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
upload.fairwaybilling.com
use.fontawesome.com
www.relatient.com
xdib82yhgtz1iwwhf3msaw7i-wpengine.netdna-ssl.com
104.196.144.125
2001:4de0:ac18::1:a:2b
2606:4700:3031::ac43:d645
2a00:1450:4001:827::200a
94.31.29.64
98.115.148.231
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4f9ba4c3b175107e4446185dfb8a4037d045e458d93f5ebda8bb934770b2516d
54ff08a21a8f7a5d68e8ec97e246d6d1b93ab39c13146a3b59de1945126a4344
556177f1d780f38c09f4333c394bcfbee70313a7ee04a1dc76adde5d973dc44f
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5be2f65252bbed0b2ce956ccd3bc8c452aaa3a2032ff8ef3b3c7aa078a4b1a13
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6bbd33699a44514373f2c019844adf69e8f02fe660a54215e725071f9fe7e750
816b46bdd2450f12c21d2ce1da656c047b238d3a48a77a7b250ee7b07793dda5
8eb2c6be0190801d34a590851e62e5b21d717fd1726d2b9743a6589c00a8814a
8f624a852613b76b75f7922347de5721c9edfc8eedd573e606019940f7ce4cab
91431d20554141fd25856e834d5ce53ad0895811db53bd3bad2110d474979107
c2abd78a393bf89415c3eb149bd99f3c2ded21ccfad7d0fcf6b764622eac18ad
da1490fb9e939941ef6f2b77ed6d96403a13e1cb3240cfff30551e2a5e1030f4
dd326b4db1c817dc54fd518a2656e72f24f415543f6230fb5640c5444e3cdafe
feea6853261a45c1dc0453df81b1941397580f26dc8f87cde47dab24584463d2

upload.fairwaybilling.com Open in urlscan Pro 98.115.148.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

50 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

4 Countries

1097 kBTransfer

1189 kBSize

0 Cookies

3 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

upload.fairwaybilling.com Open in urlscan Pro
98.115.148.231 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

1097 kB
Transfer

1189 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions