URL: https://apply.tymecard.co.za/
Submission Tags: @phishunt_io
Submission: On December 14 via api from ES

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 197.96.131.160, located in Cape Town, South Africa and belongs to IS, ZA. The main domain is apply.tymecard.co.za.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 21st 2020. Valid for: a year.
This is the only time apply.tymecard.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 197.96.131.160 3741 (IS)
3 5 197.98.191.202 3741 (IS)
2 2a00:1450:400... 15169 (GOOGLE)
2 197.96.131.161 3741 (IS)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 2a02:2638::1c 44788 (ASN-CRITE...)
10 7
Domain Requested by
5 cas.rcs.co.za 3 redirects apply.tymecard.co.za
cas.rcs.co.za
2 track-qa.rcs.co.za apply.tymecard.co.za
2 www.googletagmanager.com apply.tymecard.co.za
1 gum.criteo.com static.criteo.net
1 sslwidget.criteo.com static.criteo.net
1 static.criteo.net www.googletagmanager.com
1 apply.tymecard.co.za
10 7

This site contains no links.

Subject | Issuer | Validity | Valid
rcs.co.za | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-21 - 2021-12-01 | a year
*.rcs.co.za | DigiCert SHA2 Secure Server CA | 2020-04-09 - 2021-04-23 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-11-17 - 2021-02-14 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-11-17 - 2021-02-14 | 3 months

This page contains 3 frames:

Primary Page: https://apply.tymecard.co.za/
Frame ID: 2F5FA47638E0C0BFD72C37C7D6E5F7E3
Requests: 7 HTTP requests in this frame

Frame: https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2MVA4VWc5WW5sYnRVWFRjdWs4RkhwdGpCdG1YTWdTNzFuY2R4TFhWeURaZ3lmNXhoWVhlTnNFRXdyZTZ0SDFCdkZaZ1pzaFlYYUFvYXdhT3lVcXZWMHc9PQ%3D%3D*
Frame ID: AB6BE505A32223E8274654D6D8252B6A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=apply.tymecard.co.za
Frame ID: D15CE7DE63A9912FF703AC5071A73708
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

10 Requests
100 % HTTPS
43 % IPv6
5 Domains
7 Subdomains
7 IPs
3 Countries
137 kB Transfer
459 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts HTTP 303
  • https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
Request Chain 3
  • https://cas.rcs.co.za/prweb/IAC/!CAS/$STANDARD?pyActivity=%40baseclass.doUIAction&action=createNewWork&isWebMashup=true&className=RCS-CAS-Work-SCM-App-Card-Credit&flowName=pyStartCase&pzSkinName=Tyme&isResume=false&BrandID=49&ProductID=P-299&CookieID=e7957dc6-95c6-4c6c-853d-52c2a91b72b4 HTTP 303
  • https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2MVA4VWc5WW5sYnRVWFRjdWs4RkhwdGpCdG1YTWdTNzFuY2R4TFhWeURaZ3lmNXhoWVhlTnNFRXdyZTZ0SDFCdkZaZ1pzaFlYYUFvYXdhT3lVcXZWMHc9PQ%3D%3D* HTTP 303
  • https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2MVA4VWc5WW5sYnRVWFRjdWs4RkhwdGpCdG1YTWdTNzFuY2R4TFhWeURaZ3lmNXhoWVhlTnNFRXdyZTZ0SDFCdkZaZ1pzaFlYYUFvYXdhT3lVcXZWMHc9PQ%3D%3D*

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
apply.tymecard.co.za/
3 KB
4 KB
Document
General
Full URL
https://apply.tymecard.co.za/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
197.96.131.160 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/
Resource Hash
e52efe3d842e516420ba49bb677759b8d7048b1d3c093731b063c5b1fff7ae1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
apply.tymecard.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
private,max-age=86400, s-maxage=86400, stale-while-revalidate=3600
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=1y5dxhtd3jjlmlykj4cxh5l1; path=/; secure; HttpOnly; SameSite=Lax ASP.NET_SessionId=1y5dxhtd3jjlmlykj4cxh5l1; path=/; secure; HttpOnly; SameSite=Lax _trk={"CookieId":"e7957dc6-95c6-4c6c-853d-52c2a91b72b4"}; expires=Wed, 14-Dec-2022 23:26:59 GMT; path=/; secure cookiesession1=24C741C08XOBOEQGAIODQWFCJCTH828D;Path=/;HttpOnly
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-FRAME-OPTIONS
SAMEORIGIN
Date
Mon, 14 Dec 2020 23:26:59 GMT
Content-Length
3301
!STANDARD
cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/
Redirect Chain
  • https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts
  • https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
218 KB
61 KB
Script
General
Full URL
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
Requested by
Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
197.98.191.202 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
056475f9d69004a07565971efac9d43d8aad0dbc199312a0fe88bb5c8b4b5a76

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Dec 2020 23:27:34 GMT
Content-Encoding
gzip
X-Powered-By
ARR/3.0
P3P
This Application does not have a P3P policy.
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=20
Content-Length
61786
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Dec 2020 23:27:34 GMT
X-Powered-By
ARR/3.0
Content-Type
text/html;charset=UTF-8
Location
https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!STANDARD?pzuiactionzzz=CXtpbn1oZmpQYTFzTnYrbjNrQmRiZlkzbXN1RHkzKy90WDZTaDRYT0JVeG9IWFp1RmlvRzlQRWRienBqMjNFWCtuMTla*
Cache-Control
no-cache, no-store, must-revalidate
Keep-Alive
timeout=20
Content-Length
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
gtm.js
www.googletagmanager.com/
201 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NL24KQ
Requested by
Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e5f02168eca2d1d64f3e047598c8107b9c9c709838abb8be97c32959730c27d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 23:26:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59841
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 21:48:33 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Dec 2020 23:26:59 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cookie set $STANDARD
cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/ Frame AB6B
Redirect Chain
  • https://cas.rcs.co.za/prweb/IAC/!CAS/$STANDARD?pyActivity=%40baseclass.doUIAction&action=createNewWork&isWebMashup=true&className=RCS-CAS-Work-SCM-App-Card-Credit&flowName=pyStartCase&pzSkinName=Ty...
  • https://cas.rcs.co.za/prweb/IAC/QyhY2837vvGscmJDzRr3zQphd_xPWA2i*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3...
  • https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlI...
0
0
Document
General
Full URL
https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2MVA4VWc5WW5sYnRVWFRjdWs4RkhwdGpCdG1YTWdTNzFuY2R4TFhWeURaZ3lmNXhoWVhlTnNFRXdyZTZ0SDFCdkZaZ1pzaFlYYUFvYXdhT3lVcXZWMHc9PQ%3D%3D*
Requested by
Host: cas.rcs.co.za
URL: https://cas.rcs.co.za/prweb/IAC?pyActivity=pzIncludeMashupScripts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
197.98.191.202 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD

Request headers

Host
cas.rcs.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=0ACD4C17C9B23B113B6DF4580FA7436B; Pega-RULES=%09%7Bpd%7DAAAABlbVr%2BJnt%2B71mGbWq4Ze7QGLjj16%2FXEcH32UGlrjImPpXTx8MmPn9RF%2Frx2sOX7u3Q%3D%3DA; CAS_EXT_AFFINITY=2c1f505a5b80a9243459fb262da4476ad634b756cd0f891e4c5e8930fc70b7b7
Referer
about:blank

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Keep-Alive
timeout=20
Pragma
no-cache
Content-Length
16837
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie
Pega-RULES=%09%7Bpd%7DAAAABlbVr%2BJnt%2B71mGbWq4Ze7QGLjj16%2FXEcH32UGlrjImPpXTx8MmPn9RF%2Frx2sOX7u3Q%3D%3DA; Path=/prweb; SameSite=None; Secure
Content-Security-Policy
base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD
X-Powered-By
ARR/3.0
Date
Mon, 14 Dec 2020 23:27:36 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Keep-Alive
timeout=20
Pragma
no-cache
Content-Type
text/html;charset=UTF-8
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD?pzuiactionzzz=CXtpbn1sdmFncU1Yck5WemR3WUd5MTczelNuR1NtY1JiTUZLcDUreXBBRnlHelVSSnhCaXhndjBDV0tFdHkxZzlLcDVQOUpvdndjb3FsRUptTFlIWEd0cTJHYkFobjlYcitMSDBLbjYzUTNLdWplL2lwNzN5SDRvdVNueDZoTHVheGE1ejB2di94OUR6RmpTUTByNjYrZUpCZlRNZ1JjSmJxVVYra0lxZ2RlRVlKQjh5WjVtWXg4UkFpZHlVZFVLVHBxQnZGTU5lalBiRjd3R1JjZGNRZ0hCaVhtNWRiKzJHV2dJZGpMZGc0Y1NKcUlueFdCRyt4UHA1djRHVEZhN1FHQjF2MVA4VWc5WW5sYnRVWFRjdWs4RkhwdGpCdG1YTWdTNzFuY2R4TFhWeURaZ3lmNXhoWVhlTnNFRXdyZTZ0SDFCdkZaZ1pzaFlYYUFvYXdhT3lVcXZWMHc9PQ%3D%3D*
Set-Cookie
Pega-RULES=%09%7Bpd%7DAAAABlbVr%2BJnt%2B71mGbWq4Ze7QGLjj16%2FXEcH32UGlrjImPpXTx8MmPn9RF%2Frx2sOX7u3Q%3D%3DA; Path=/prweb; SameSite=None; Secure
Content-Security-Policy
base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self' https://castest.rcs.co.za http://castest.rcs.co.za https://cas-qa.rcs.co.za https://cas.rcs.co.za https://rcs.dev.fireworkx.com https://rcswww.qa.fireworkx.com https://ss-qa.rcs.co.za https://slow-qa.rcs.co.za https://fast-qa.rcs.co.za https://staging.rcs.co.za https://rcs.co.za https://cas-mock.rcs.co.za https://apply.tymecard.co.za http://cas-mock.rcs.co.za http://cas-temp.rcs.co.za https://cas-temp.rcs.co.za https://cas-gtm.rcs.co.za http://cas-gtm.rcs.co.za; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' http://www.google-analytics.com https://ssl.google-analytics.com data:; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' http://www.google-analytics.com https://ssl.google-analytics.com http://unpkg.com; style-src 'unsafe-inline' 'unsafe-eval' 'self'; default-src *; report-uri http://cas.rcs.co.za/prweb/IAC/J28DY_eTs9HCdMKvAibt0g*/!CAS/$STANDARD/!STANDARD
X-Powered-By
ARR/3.0
Date
Mon, 14 Dec 2020 23:27:36 GMT
Content-Length
0
pc
track-qa.rcs.co.za/api/ Frame
0
0
Other
General
Full URL
https://track-qa.rcs.co.za/api/pc
Protocol
H2
Server
197.96.131.161 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://apply.tymecard.co.za
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-headers
Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Set-Cookie, Set-Cookie2, SetProfile, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, 
UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Requested-With
access-control-allow-methods
POST
access-control-allow-credentials
true
access-control-max-age
1728000
x-powered-by
ASP.NET
date
Mon, 14 Dec 2020 23:27:01 GMT
content-length
0
pc
track-qa.rcs.co.za/api/
4 B
111 B
XHR
General
Full URL
https://track-qa.rcs.co.za/api/pc
Requested by
Host: apply.tymecard.co.za
URL: https://apply.tymecard.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
197.96.131.161 Cape Town, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 14 Dec 2020 23:27:01 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
4
expires
-1
ld.js
static.criteo.net/js/ld/
36 KB
12 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL24KQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 23:27:00 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 15 Dec 2020 23:27:00 GMT
event
sslwidget.criteo.com/
1 KB
1 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=57361&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=tymecard.co.za&dtycbr=78747
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c5963b82ebaff6859ff5a6c77a49f0ed8a9804b404649d77972f6cf6ee656da

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Dec 2020 23:27:00 GMT
content-encoding
gzip
content-type
application/x-javascript
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
server-processing-duration-in-ticks
10653
timing-allow-origin
*
content-length
864
expires
0
syncframe
gum.criteo.com/ Frame D15C
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=apply.tymecard.co.za
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=apply.tymecard.co.za
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
688
date
Mon, 14 Dec 2020 23:27:00 GMT
content-length
0

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager function| postscribe object| pega function| getElementsByQuery function| Hashtable function| SafeURL function| SafeURL_createFromURL function| SafeURL_createFromEncryptedURL function| SafeURL_createFromEncryptedURLwithQueryString function| SafeURL_getParameterParamNameList function| SafeURL_getParameterParamValueList function| SafeURL_getNameValuePairsAsObject function| SafeURL_clone function| serializeSafeURL function| deserializeSafeURL function| hashtable_clear function| hashtable_containsKey function| hashtable_containsValue function| hashtable_get function| hashtable_isEmpty function| hashtable_keys function| hashtable_put function| hashtable_remove function| hashtable_size function| hashtable_toString function| hashtable_values object| URLObfuscation number| BS number| BB object| RA object| SO object| RC object| SB object| SBI object| xorMask function| cSL number| Nk number| Nb number| Nr function| XT function| GF function| bS function| sR function| mC function| aRK function| OY function| YE function| Rd function| iRd function| FRd function| iFRd function| encrypt function| decrypt function| pB function| uPB function| fPT function| rijndaelEncrypt function| rijndaelDecrypt function| stringToByteArray function| byteArrayToString function| byteArrayToHex function| hexToByteArray function| formatKey function| getCookie function| getObfuscationKey boolean| bPegaIacInitialOnLoad boolean| bPegaIacGadgetsInitialized object| p_w_window function| _executeFunction function| _initAllPegaObjects function| _completePegaObjectsInit function| _getDefaultAppUrl function| onMashupData string| endpoint string| cookieName undefined| data number| visitTimeout string| 
referrer string| gclid string| referrerHostName string| pageHostName string| pagePath string| utmCampaign string| utmMedium string| utmSource string| utmTerm string| utmContent string| idRef boolean| debugTracking function| getParameterByName function| CatchId function| PostId function| setCookie function| eraseCookie function| dateAdd function| guid function| postCookie function| postJSONCookie function| checkForCookie function| createNewCookie function| updateCookie function| persistCookie function| persistCookieWithId function| CookieLoad function| log function| logRegardless object| criteo_q

4 Cookies

Domain/Path Name / Value
apply.tymecard.co.za/ Name: PegaIAC
Value: IACtest
apply.tymecard.co.za/ Name: _trk
Value: {"CookieId":"e7957dc6-95c6-4c6c-853d-52c2a91b72b4"}
apply.tymecard.co.za/ Name: cookiesession1
Value: 24C741C08XOBOEQGAIODQWFCJCTH828D
apply.tymecard.co.za/ Name: ASP.NET_SessionId
Value: 1y5dxhtd3jjlmlykj4cxh5l1

3 Console Messages

Source Level URL
Text
console-api log (Line 15)
Message:
apply.tymecard.co.za
console-api log (Line 15)
Message:
***************UPDATE***************
console-api log (Line 15)
Message:
***************PERSIST***************

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block