urlscan.io logo urlscan.io
SecurityTrails logo

eworks.cesarioandco.com Open in urlscan Pro
72.143.53.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Submission: On March 29 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 72.143.53.35, located in Thornhill, Canada and belongs to ROGERS-COMMUNICATIONS, CA. The main domain is eworks.cesarioandco.com.
TLS certificate: Issued by R3 on February 4th 2023. Valid for: 3 months.
This is the only time eworks.cesarioandco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 72.143.53.35 812 (ROGERS-CO...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.52.144.38 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
7 4
Apex Domain
Subdomains		 Transfer
3 cesarioandco.com
eworks.cesarioandco.com
44 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
82 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
31 KB
1 convergepay.com
api.convergepay.com — Cisco Umbrella Rank: 132872
100 KB
7 4
Domain Requested by
3 eworks.cesarioandco.com eworks.cesarioandco.com
2 cdnjs.cloudflare.com eworks.cesarioandco.com
cdnjs.cloudflare.com
1 ajax.googleapis.com eworks.cesarioandco.com
1 api.convergepay.com eworks.cesarioandco.com
7 4

This site contains no links.

Subject Issuer Validity Valid
eworks.tilesplus.com
R3		 2023-02-04 -
2023-05-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
convergepay.com
Entrust Certification Authority - L1M		 2022-07-06 -
2023-08-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Frame ID: D9DBA6FE7D5D761A563177AB0D9111FE
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cesario & Co - Payment Processing - Powered by e-Works

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

256 kB
Transfer

333 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
eworks.cesarioandco.com/payment/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.143.53.35 Thornhill, Canada, ASN812 (ROGERS-COMMUNICATIONS, CA),
Reverse DNS
unallocated-static.rogers.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 / PHP/7.4.25
Resource Hash
a870c0b6719bdaca729946cd1793b855837a7042b00d52795409c8e2ebcb3e83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Mar 2023 17:38:02 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.25
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: eworks.cesarioandco.com
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eworks.cesarioandco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 17:38:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
502946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOCekAj9IInz%2BFEE2otdpUjpvcM5ilD%2FWNZhkBv6vW%2BEs2Guf9JovBc7jFtf2Ce9s7Ef4GiXD3%2BUTWuDqrbZbufdN7mVqOSKHFDL%2Bu7CRXcumy0aNY793lDdZR7oxiBGaoid0A%2Bfg9fa77FoP2tqvYV%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7af9e2dcba714bd0-YUL
expires
Mon, 18 Mar 2024 17:38:22 GMT
style.css
eworks.cesarioandco.com/payment/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eworks.cesarioandco.com/payment/style.css
Requested by
Host: eworks.cesarioandco.com
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.143.53.35 Thornhill, Canada, ASN812 (ROGERS-COMMUNICATIONS, CA),
Reverse DNS
unallocated-static.rogers.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 /
Resource Hash
122f73188181795c9aa5399e96ecb758c1fb882d5ab5a80f97979dd064d5b667
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 17:38:22 GMT
Last-Modified
Fri, 03 Dec 2021 16:57:27 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
ETag
"4ca-5d240cd42cbc0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1226
Checkout.js
api.convergepay.com/hosted-payments/ 		99 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.convergepay.com/hosted-payments/Checkout.js
Requested by
Host: eworks.cesarioandco.com
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.38 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
214344d3462c8f3c8edceea7bed5c3431dc08e06906f07aba409538d59201ce2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eworks.cesarioandco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Wed, 29 Mar 2023 17:38:22 GMT
Last-Modified
Wed, 18 Jan 2023 17:43:34 GMT
Server
Apache
Client-IP-Seen-by-Edge
149.56.153.178
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Cnection
close
Cache-Control
no-store
Debug-XFF-Seen-by-Edge
149.56.153.178
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101521
Client-IP-Seen-by-Parent
172.106.112.146, 108.46.77.233, 108.46.77.233
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: eworks.cesarioandco.com
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eworks.cesarioandco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 11:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Mar 2024 11:42:09 GMT
Cesario%20&%20Co%20-%20Large.png
eworks.cesarioandco.com/payment/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eworks.cesarioandco.com/payment/Cesario%20&%20Co%20-%20Large.png
Requested by
Host: eworks.cesarioandco.com
URL: https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.143.53.35 Thornhill, Canada, ASN812 (ROGERS-COMMUNICATIONS, CA),
Reverse DNS
unallocated-static.rogers.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 /
Resource Hash
6ae77959fca98bea0f58f12a61445b7181526f440e7dffc512cfa32d74a553d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eworks.cesarioandco.com/payment/index.php?code=8e68299f17eee6c410dde00c57da06fe38508d95bde67befe31c862b4d60df16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 17:38:22 GMT
Last-Modified
Fri, 10 Dec 2021 14:33:34 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
ETag
"7a7a-5d2cb9b954b80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
31354
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://eworks.cesarioandco.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 17:38:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2507684
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQtxORf%2BuFjk9RPMVzZILrz8%2FJg4%2BFmuNTarWBo2XVHByuuOspPjpSWoKYTwgd%2BYAbKwNfHMo5eLGeBHjn2jCtjL8QTuwycKECZANTrWXJ1Cc%2Fx8ZSF3LhiBqES4xByGa%2FnTRe1lgTvcvBhM9sGzHGdU"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7af9e2de1a7e4bc5-YUL
expires
Mon, 18 Mar 2024 17:38:23 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| _local_$ function| _local_jQuery object| ConvergeEmbeddedPayment function| $ function| jQuery function| initiateCheckoutJS function| pay function| showResult

1 Cookies

Domain/Path Name / Value
eworks.cesarioandco.com/ Name: PHPSESSID
Value: 4ct18c88ktb37uquhse6tdj55c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN