apply.tymecard.co.za Open in urlscan Pro
197.96.131.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apply.tymecard.co.za/
Submission Tags: @phishunt_io
Submission: On November 22 via api (November 22nd 2020, 6:28:55 pm UTC) from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 197.96.131.160, located in Cape Town, South Africa and belongs to IS, ZA. The main domain is apply.tymecard.co.za.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 28th 2020. Valid for: 3 months.

This is the only time apply.tymecard.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	197.96.131.160 197.96.131.160	3741 (IS) (IS)
3 5	197.98.191.202 197.98.191.202	3741 (IS) (IS)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	6

1 197.96.131.160 (Cape Town, South Africa)

ASN3741 (IS, ZA)

apply.tymecard.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 197.98.191.202 (Cape Town, South Africa) 3 redirects

ASN3741 (IS, ZA)

cas.rcs.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	rcs.co.za 3 redirects cas.rcs.co.za	65 KB
2	criteo.com sslwidget.criteo.com gum.criteo.com	1 KB
2	googletagmanager.com www.googletagmanager.com	58 KB
1	criteo.net static.criteo.net	12 KB
1	tymecard.co.za apply.tymecard.co.za	4 KB
8	5

	Domain	Requested by
5	cas.rcs.co.za	3 redirects apply.tymecard.co.za cas.rcs.co.za
2	www.googletagmanager.com	apply.tymecard.co.za
1	gum.criteo.com	static.criteo.net
1	sslwidget.criteo.com	static.criteo.net
1	static.criteo.net	www.googletagmanager.com
1	apply.tymecard.co.za
8	6

This site contains no links.

Subject Issuer	Validity	Valid
rcs.co.za DigiCert SHA2 Secure Server CA	`2020-08-28` - `2020-11-24`	3 months	crt.sh
*.rcs.co.za DigiCert SHA2 Secure Server CA	`2020-04-09` - `2021-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://apply.tymecard.co.za/
Frame ID: 6A3A4EE6374C564E3221E59B0A57A77C
Requests: 6 HTTP requests in this frame

Frame: https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2dTFLT3krVVhDUXlIcEU1Tm9lN1JSUT09*
Frame ID: A6A5F968010F5024F7AEFD984E3B4C5F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=apply.tymecard.co.za
Frame ID: 205624ED054456B8F0CE7B11FEAEE969
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

136 kB
Transfer

457 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts HTTP 303
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*

Request Chain 3

https://cas.rcs.co.za/prweb/IAC/!CAS/$STANDARD?pyActivity=%40baseclass.doUIAction&action=createNewWork&isWebMashup=true&className=RCS-CAS-Work-SCM-App-Card-Credit&flowName=pyStartCase&pzSkinName=Tyme&isResume=false&BrandID=49&ProductID=P-299 HTTP 303
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2dTFLT3krVVhDUXlIcEU1Tm9lN1JSUT09* HTTP 303
https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2dTFLT3krVVhDUXlIcEU1Tm9lN1JSUT09*

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
apply.tymecard.co.za/ 3 KB
4 KB 614ms
223ms Document
text/html 197.96.131.160
IS

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.tymecard.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.96.131.160 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 9a48bd6f3011c13c72864a5f0eb147f3e5c371861c8231b7edd7854bfefbafa9

Request headers

Host: apply.tymecard.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=opldejg2fh1wdcjw2c3t3nt4; path=/; secure; HttpOnly; SameSite=Lax cookiesession1=24C741C0QY3UR0R3DKPD9GJ8JLS8B4BA;Path=/;HttpOnly
X-MiniProfiler-Ids: ["20ddc754-0c0f-45af-bee4-6d9e97c9e554","c990a4cf-5ad7-4215-9ffc-4f1aa57591f4","2ef5f42a-02c9-4a43-9f54-2ea71322aeb4","8f8b71b8-76d6-42a3-b932-a7b7e9f589d7","e0e942e8-ae61-44eb-80d4-ed6663bf2d15","8752ae33-1f18-4e84-94d5-aa6293704dd0","41dc2d44-4703-49e9-b642-4f07f5ac7cdf","895db7ff-b193-4ec7-9042-8341e4b081f2","14e76a3c-d531-4baa-ad66-a58192a7ba5e","11b12198-27b8-4c8e-9983-7be1ed87c998","c2d17f9a-192e-4293-80cd-5605d068af85","1e35bec0-c9d1-4fa0-b591-d328dcf2864d","784ac6d0-78de-4b8a-a651-f4b5c9b0441c","049ba820-f87c-469e-91df-8f4fd8444a55","f8842daf-c181-4962-8066-492b080dc88e","307a0843-6987-46f4-b415-b426f3b141db","2f442e50-58bf-4069-8874-6e1359d0c711","ef64e2c1-4c8b-462f-b2b3-a0bb2285361e","0d3a2379-3f46-49c7-8a96-249d243514bc","fc27e638-ce09-4579-b169-1dd44787945c","02d07e9c-bd77-4359-8e00-52a0fdd56fe1"]
Date: Sun, 22 Nov 2020 18:28:35 GMT
Content-Length: 2844

GET
H/1.1

200
OK

!STANDARD Show response
cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/
Redirect Chain

https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*

218 KB
61 KB

224ms
224ms

Script
text/javascript

197.98.191.202
IS

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
Requested by: Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.98.191.202 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ARR/3.0
Resource Hash: af18a772b44fd141ba96d360e30f54c782ef960d80df5d61acd9d515777b2218

Request headers

Referer: https://apply.tymecard.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Nov 2020 18:28:38 GMT
Content-Encoding: gzip
X-Powered-By: ARR/3.0
P3P: This Application does not have a P3P policy.
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=20
Content-Length: 61784
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 Nov 2020 18:28:38 GMT
X-Powered-By: ARR/3.0
Content-Type: text/html;charset=UTF-8
Location: https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=20
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
58 KB 63ms
44ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NL24KQ

Requested by

Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9ef226b90349587d49c0d780bf4a6159e560c9ff9baaab23b4feefa28805d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://apply.tymecard.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:28:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59493
x-xss-protection: 0
last-modified: Sun, 22 Nov 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Nov 2020 18:28:36 GMT

GET
H2 400 gtm.js
www.googletagmanager.com/ 0
0 32ms
14ms Script
text/html 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=
Requested by: Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://apply.tymecard.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set $STANDARD
cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/ Frame A6A5
Redirect Chain

https://cas.rcs.co.za/prweb/IAC/!CAS/$STANDARD?pyActivity=%40baseclass.doUIAction&action=createNewWork&isWebMashup=true&className=RCS-CAS-Work-SCM-App-Card-Credit&flowName=pyStartCase&pzSkinName=Ty...
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3...
https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlI...

0
0

430ms
430ms

Document
text/html

197.98.191.202
IS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2dTFLT3krVVhDUXlIcEU1Tm9lN1JSUT09*

Requested by

Host: cas.rcs.co.za
URL: https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.98.191.202 Cape Town, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD

Request headers

Host: cas.rcs.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://apply.tymecard.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=5356A01B484F1E991B1D0CE3C1C4C7E7; Pega-RULES=%09%7Bpd%7DAAAABtAppObgc7YuW1JrCrRCWPQdQvnxaCASoO4%2FWIFHd8PywDt7IsSq%2F4Hros%2BU3ccIdw%3D%3DA; CAS_EXT_AFFINITY=c14f50d0da47a9e5624323f28fda50cc9057490d3ef74c5c3387b9dedbebcf93
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=20
Pragma: no-cache
Content-Length: 16831
Content-Type: text/html;charset=UTF-8
Content-Encoding: gzip
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: Pega-RULES=%09%7Bpd%7DAAAABtAppObgc7YuW1JrCrRCWPQdQvnxaCASoO4%2FWIFHd8PywDt7IsSq%2F4Hros%2BU3ccIdw%3D%3DA; Path=/prweb; SameSite=None; Secure
Content-Security-Policy: base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD
X-Powered-By: ARR/3.0
Date: Sun, 22 Nov 2020 18:28:40 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=20
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2dTFLT3krVVhDUXlIcEU1Tm9lN1JSUT09*
Set-Cookie: Pega-RULES=%09%7Bpd%7DAAAABtAppObgc7YuW1JrCrRCWPQdQvnxaCASoO4%2FWIFHd8PywDt7IsSq%2F4Hros%2BU3ccIdw%3D%3DA; Path=/prweb; SameSite=None; Secure
Content-Security-Policy: base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD
X-Powered-By: ARR/3.0
Date: Sun, 22 Nov 2020 18:28:40 GMT
Content-Length: 0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 76ms
44ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL24KQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://apply.tymecard.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:28:38 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 23 Nov 2020 18:28:38 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 74ms
25ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=57361&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=tymecard.co.za&dtycbr=36265
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c5963b82ebaff6859ff5a6c77a49f0ed8a9804b404649d77972f6cf6ee656da

Request headers

Referer: https://apply.tymecard.co.za/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 18:28:37 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
server-processing-duration-in-ticks: 7656
timing-allow-origin: *
content-length: 864
expires: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame 2056 0
0 48ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=apply.tymecard.co.za

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=apply.tymecard.co.za
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apply.tymecard.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://apply.tymecard.co.za/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 491
date: Sun, 22 Nov 2020 18:28:38 GMT
content-length: 0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apply.tymecard.co.za/	1970-01-19 14:09:16	Name: PegaIAC Value: IACtest
apply.tymecard.co.za/	1969-12-31 23:59:59	Name: cookiesession1 Value: 24C741C0QY3UR0R3DKPD9GJ8JLS8B4BA
apply.tymecard.co.za/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: opldejg2fh1wdcjw2c3t3nt4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.tymecard.co.za
cas.rcs.co.za
gum.criteo.com
sslwidget.criteo.com
static.criteo.net
www.googletagmanager.com
178.250.2.151
197.96.131.160
197.98.191.202
2a00:1450:4001:817::2008
2a02:2638::1c
2a02:2638::3
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
8c5963b82ebaff6859ff5a6c77a49f0ed8a9804b404649d77972f6cf6ee656da
9a48bd6f3011c13c72864a5f0eb147f3e5c371861c8231b7edd7854bfefbafa9
af18a772b44fd141ba96d360e30f54c782ef960d80df5d61acd9d515777b2218
c9ef226b90349587d49c0d780bf4a6159e560c9ff9baaab23b4feefa28805d2e

apply.tymecard.co.za Open in urlscan Pro 197.96.131.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

136 kBTransfer

457 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

3 Cookies

Indicators

apply.tymecard.co.za Open in urlscan Pro
197.96.131.160 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

136 kB
Transfer

457 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions