urlscan.io logo urlscan.io
SecurityTrails logo

exchangeyourcard.com.au Open in urlscan Pro
54.74.189.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://exchangeyourcard.com.au/faqs
Effective URL: https://exchangeyourcard.com.au/faqs
Submission: On May 05 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 34 HTTP transactions. The main IP is 54.74.189.17, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is exchangeyourcard.com.au.
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.
This is the only time exchangeyourcard.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 54.74.189.17 16509 (AMAZON-02)
6 18.65.244.96 16509 (AMAZON-02)
1 172.217.167.78 15169 (GOOGLE)
5 104.17.25.14 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
1 172.64.154.86 13335 (CLOUDFLAR...)
1 18.65.244.21 16509 (AMAZON-02)
2 18.155.188.83 16509 (AMAZON-02)
1 142.250.204.8 15169 (GOOGLE)
1 18.65.244.2 16509 (AMAZON-02)
1 13.210.176.13 16509 (AMAZON-02)
4 13.56.152.166 16509 (AMAZON-02)
1 3.21.222.99 16509 (AMAZON-02)
2 34.120.14.251 396982 (GOOGLE-CL...)
34 15
6    54.74.189.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
exchangeyourcard.com.au
6    18.65.244.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-96.syd3.r.cloudfront.net
consent.trustarc.com
1    172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net
www.google-analytics.com
5    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    172.64.154.86 (None, )

ASN13335 (CLOUDFLARENET, US)
bhn-api.arkoselabs.com
1    18.65.244.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-21.syd3.r.cloudfront.net
content.blackhawknetwork.com
2    18.155.188.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-188-83.sfo53.r.cloudfront.net
d2yirbirtw3grp.cloudfront.net
1    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
1    18.65.244.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-2.syd3.r.cloudfront.net
js.datadome.co
1    13.210.176.13 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-210-176-13.ap-southeast-2.compute.amazonaws.com
api-js.datadome.co
4    13.56.152.166 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-152-166.us-west-1.compute.amazonaws.com
notification.blackhawknetwork.com
1    3.21.222.99 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-222-99.us-east-2.compute.amazonaws.com
ht.blackhawknetwork.com
2    34.120.14.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.14.120.34.bc.googleusercontent.com
api.sardine.ai
Apex Domain
Subdomains		 Transfer
6 blackhawknetwork.com
content.blackhawknetwork.com — Cisco Umbrella Rank: 87976
notification.blackhawknetwork.com — Cisco Umbrella Rank: 166007
ht.blackhawknetwork.com — Cisco Umbrella Rank: 112595
71 KB
6 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3223
188 KB
6 exchangeyourcard.com.au
exchangeyourcard.com.au
148 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
68 KB
2 sardine.ai
api.sardine.ai — Cisco Umbrella Rank: 23603
25 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 5432
api-js.datadome.co — Cisco Umbrella Rank: 4968
28 KB
2 cloudfront.net
d2yirbirtw3grp.cloudfront.net
9 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
73 KB
1 arkoselabs.com
bhn-api.arkoselabs.com
17 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
30 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
34 11
Domain Requested by
6 consent.trustarc.com exchangeyourcard.com.au
consent.trustarc.com
6 exchangeyourcard.com.au exchangeyourcard.com.au
5 cdnjs.cloudflare.com exchangeyourcard.com.au
4 notification.blackhawknetwork.com content.blackhawknetwork.com
2 api.sardine.ai content.blackhawknetwork.com
api.sardine.ai
2 d2yirbirtw3grp.cloudfront.net exchangeyourcard.com.au
1 ht.blackhawknetwork.com exchangeyourcard.com.au
1 api-js.datadome.co js.datadome.co
1 js.datadome.co exchangeyourcard.com.au
1 www.googletagmanager.com exchangeyourcard.com.au
1 content.blackhawknetwork.com exchangeyourcard.com.au
1 bhn-api.arkoselabs.com exchangeyourcard.com.au
1 code.jquery.com exchangeyourcard.com.au
1 www.google-analytics.com exchangeyourcard.com.au
34 14
Subject Issuer Validity Valid
exchangeyourcard.com.au
R3		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
arkoselabs.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-22		 a year crt.sh
content.blackhawknetwork.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
notification.blackhawknetwork.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-12 -
2024-08-11		 a year crt.sh
ht.blackhawknetwork.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-16		 a year crt.sh
sardine.ai
GTS CA 1D4		 2024-04-13 -
2024-07-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://exchangeyourcard.com.au/faqs
Frame ID: 7C036B27CCAEEA41748164D16A1A6AFD
Requests: 31 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.34d364f.html?r=2024-04-08-34d364f
Frame ID: 406F510597158A35D650B0EFCF3B77FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FAQs | Ultimate Gift Cards

Page URL History Show full URLs

  1. http://exchangeyourcard.com.au/faqs HTTP 307
    https://exchangeyourcard.com.au/faqs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

4
Countries

677 kB
Transfer

1726 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://exchangeyourcard.com.au/faqs HTTP 307
    https://exchangeyourcard.com.au/faqs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request faqs
exchangeyourcard.com.au/
Redirect Chain
  • http://exchangeyourcard.com.au/faqs
  • https://exchangeyourcard.com.au/faqs
20 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0ec3b06546c0383e82501275a2d6892bc26a6562b16ad724d5060967609838e
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
content-security-policy
default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
content-type
text/html; charset=utf-8
date
Sun, 05 May 2024 21:50:22 GMT
server
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-datadome
protected
x-frame-options
DENY
x-xss-protection
1

Redirect headers

Location
https://exchangeyourcard.com.au/faqs
Non-Authoritative-Reason
HttpsUpgrades
notice
consent.trustarc.com/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=blackhawknetwork.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
4fdec82a021213567894efd24bb86ee7fbfd7a8e004db51b4864a35dd7ddca59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Origin
https://exchangeyourcard.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:16:15 GMT
content-encoding
gzip
via
1.1 901fdc9beff7ff35478f18c7b70da04e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SYD3-P1
age
2047
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
x-amz-cf-id
SQLd7tRrNfhQO93kS6LNQ0kHuYCA7lp345VBLUhxt9JeUpWG3sTFVg==
global-variables.js
exchangeyourcard.com.au/assets/scripts/ 		86 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/assets/scripts/global-variables.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c898a4b4d452a43aec9e5f277202de00babb912ca278c106a882c18aadf7f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
Referer
https://exchangeyourcard.com.au/faqs
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
x-content-type-options
nosniff
date
Sun, 05 May 2024 21:50:22 GMT
last-modified
Wed, 27 Mar 2024 09:50:34 GMT
server
etag
"1da802c365f9156"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
86
x-xss-protection
1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 May 2024 20:00:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6568
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 May 2024 22:00:55 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3823271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
382
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCMOf8ycmmzxYg3fQJ9TK0L1O%2BbaTVxo5Gf1khZsc%2Fj7sQx83%2FGah7uHbQiTIGtPiwP6pyU43i4wMNXeWich%2Fz00%2F0azYn4jCMMND%2B6qR4TqGDwO4y7wTTKs09t0lyGrXS1XH%2BbF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f3f222dc12a865-SYD
expires
Fri, 25 Apr 2025 21:50:23 GMT
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.8/ 		245 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.8/lottie.min.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416b855385b4a222a725adc6573e59fa935ff7579361d987a20708789a5638dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
845734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52961
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-3d498"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BanKC6zjVeAv9UiJztRR6LWVWg%2FHvozfGaHtnGPwQK4szXNzzhPg92x3pf6S1gkl2mjgAHtApiaw1cH2BuHL%2Bwj5jiA%2B%2FClJkFoknv53zl3qa8uc54H8zhuuIDQ9uauctQSRdG5n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f3f222dc13a865-SYD
expires
Fri, 25 Apr 2025 21:50:23 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
842622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
637
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-92d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VX4wz%2FhPiBU3sP98MZ6X00iK9MpLmsfAXvUeJ%2FfROWChecwqopRxTxLx93vJoz1guqs8dA3yuX716sTfjaag6XMUZvUGMElfo%2FN9exitjFtO%2FUmWs3g%2BKr298jaXv48jB0OWqpBI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f3f222ec14a865-SYD
expires
Fri, 25 Apr 2025 21:50:23 GMT
all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/ 		68 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/all.css
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a901d4417fa018661fa42ed97678b4f2cafe874ca65ebd1abe62004ae718e053
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1553296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10241
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-111b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muMLqikW%2B0gWFFo2%2Bj5JdjtyXLKZRNBXtxHRDsD8ydUXkVGlNSbbWJLWp3ddG81HJ8YsHDl1lSX1W1oJDXdkNwrIHTQsJod4yU1VbnA2Bky00ATuSU8CZcKehp7dby446CtEXmRM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f3f222ec15a865-SYD
expires
Fri, 25 Apr 2025 21:50:23 GMT
jquery-3.7.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
803619
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-syd10164-SYD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714945823.492419,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 13068
noty.min.css
cdnjs.cloudflare.com/ajax/libs/noty/3.1.4/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noty/3.1.4/noty.min.css
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b285bf88010d779b84061d3e694212d66d9d2b82baa93701f4c2ee3a7584421c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
846846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2086
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-3d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGOiDLYoWZC8a0qCfA%2BNhyy%2FWdgGn43oX%2FsWLdTRQSwh7nr4e%2F1heJPoTCNWknoM0mdW5hFNGuVJen6gIrVsAqwp2RhovfY4kQFQ3PCbf%2Fo45WTDzkS0IhoHIUCR7BJRwencJd%2F0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f3f222dc10a865-SYD
expires
Fri, 25 Apr 2025 21:50:23 GMT
site.min.css
exchangeyourcard.com.au/css/ 		3 B
94 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/css/site.min.css
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
Referer
https://exchangeyourcard.com.au/faqs
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
x-content-type-options
nosniff
date
Sun, 05 May 2024 21:50:22 GMT
last-modified
Wed, 27 Mar 2024 09:50:34 GMT
server
etag
"1da802c365f9103"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
3
x-xss-protection
1
Theme
exchangeyourcard.com.au/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/Theme
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
Referer
https://exchangeyourcard.com.au/faqs
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 21:50:22 GMT
x-datadome-cid
AHrlqAAAAAMAb3Zdp6I0xS0AQstwog==
x-datadome
protected
server
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
access-control-allow-origin
https://exchangeyourcard.com.au
charset
utf-8
cache-control
no-store, must-revalidate, no-cache, max-age=0, private
access-control-allow-credentials
true
access-control-expose-headers
x-dd-b, x-set-cookie
x-dd-b
1
api.js
bhn-api.arkoselabs.com/v2/42931034-68BE-DA3F-DDCF-ECBDBF066CFF/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bhn-api.arkoselabs.com/v2/42931034-68BE-DA3F-DDCF-ECBDBF066CFF/api.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b1807cf3f6b16aaa5b925b6445bfd806854dac32d31eb58ab87c55b3fa1174
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
6914646
x-amz-request-id
DWVT419PKZ3P277G
x-amz-server-side-encryption
AES256
x-amz-version-id
A7hlupyx3bixdhifQ2x62JMfx73NSEVk
cache-tag
42931034-68BE-DA3F-DDCF-ECBDBF066CFF,client-api
capi-worker-type
dedicated
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ARjKhmKTcQ1HODkbqTYwBYWq4eBlUns15aV8AxThd89gI3QU4xuoHiR+mz9tkR3wLlCEGW2Ozz14SM7cXbnkKw==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 30 Jan 2023 17:56:32 GMT
server
cloudflare
etag
W/"db04833282bbda4ff1a587c30da0457b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
87f3f22a7866a938-SYD
cf-request-time
NaN
widget.js
content.blackhawknetwork.com/riskwidget/v1/ 		224 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.blackhawknetwork.com/riskwidget/v1/widget.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-21.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6b2adfcb0ba3b72660726be9801512ca7e447fcdc945010825a2ca4331d611c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JdqPl35toFt00Gdy.vm.PExciTm2KLB.
Content-Encoding
gzip
Via
1.1 30d965dd3bd4ca28c3aa1ccfc6be7c36.cloudfront.net (CloudFront)
Date
Sat, 04 May 2024 22:10:55 GMT
X-Amz-Cf-Pop
SYD3-P1
Age
85169
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 02 May 2024 22:10:31 GMT
Server
AmazonS3
ETag
W/"5401164ccd39fd5367254a85e0091059"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Amz-Cf-Id
3Hi-YO5GOceDCuK4_LY-Ra_o1D-yvjppAbPgBlSHPOAC8jGdgSKszA==
risk-widget.js
exchangeyourcard.com.au/assets/scripts/ 		488 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/assets/scripts/risk-widget.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
59675ef58aa1ae59c43249a9302094f2da66a9a0f972b0341c7d95db3910c244
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
Referer
https://exchangeyourcard.com.au/faqs
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
x-content-type-options
nosniff
date
Sun, 05 May 2024 21:50:24 GMT
last-modified
Wed, 27 Mar 2024 09:50:34 GMT
server
etag
"1da802c365f90e8"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
488
x-xss-protection
1
ultimate-logo.svg
d2yirbirtw3grp.cloudfront.net/supercheques/PRODUCTION/Website/290/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2yirbirtw3grp.cloudfront.net/supercheques/PRODUCTION/Website/290/ultimate-logo.svg
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.188.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-188-83.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ded85a8e52fba9dea75215649166f0f005d5be35b16a526b7fadcec81afa7a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9lXNzGEC7lAbPCTW.eIOyEMYOA5SCZLC
date
Sun, 05 May 2024 11:15:39 GMT
via
1.1 1a89524650229737fbb42049a0f558cc.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 06:59:34 GMT
server
AmazonS3
x-amz-cf-pop
SFO53-P1
age
38307
etag
"85e6cb1fa9966dc933120072759e461d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
7866
x-amz-cf-id
V36lDtcTCsobei4cU24oAE1LPguKiRqruGUm2vZNubA3yVwsMpeMTA==
js.js
exchangeyourcard.com.au/assets/scripts/ 		125 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchangeyourcard.com.au/assets/scripts/js.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.189.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-189-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5524ead75e9edbecb35f0a8c36aa2759629e3a6a4586d46e04930951005cf484
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
Referer
https://exchangeyourcard.com.au/faqs
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
x-content-type-options
nosniff
date
Sun, 05 May 2024 21:50:22 GMT
last-modified
Wed, 27 Mar 2024 09:50:34 GMT
server
etag
"1da802c365e6407"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
128263
x-xss-protection
1
v1.7-3281
consent.trustarc.com/asset/notice.js/v/ 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-3281
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=blackhawknetwork.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Origin
https://exchangeyourcard.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 05 May 2024 21:34:14 GMT
content-encoding
gzip
via
1.1 901fdc9beff7ff35478f18c7b70da04e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 2 May 2024 01:55:11 GMT
x-amz-cf-pop
SYD3-P1
age
969
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
-2MRdl-bVpgk8MGNE6CcowYn2VMNBJIz05ZP7K50qKOMMaaGOxE4Hw==
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=blackhawknetwork.com&country=au&state=&behavior=implied&session=d8f6622a-8d3c-43d3-b18e-05818de91724&userType=NEW&c=706b
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:24 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 43b4a9a8792e30ac49642ef84dd35fc8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
SYD3-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
fzCFUwbnWE0dzPh43R7wPUUpJ0_1aDS_MZP2AFY_MWQoksIuwJ79RA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7HL7FCZ
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
60923c75b5e8fba6bc324f29806aff8864e2250c9f63caed20a2c3523e5adcb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74524
x-xss-protection
0
last-modified
Sun, 05 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 May 2024 21:50:24 GMT
tags.js
js.datadome.co/ 		148 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-2.syd3.r.cloudfront.net
Software
Apache /
Resource Hash
6d526fd8ed7efb090207e7f90f3e5d256e9abedcbb4e2feafc5050edfb9ade30
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
via
1.1 fd8b250e4ee7cd8e5de453d78708baee.cloudfront.net (CloudFront)
date
Sun, 05 May 2024 20:55:06 GMT
x-amz-cf-pop
SYD3-P1
age
3318
x-cache
Hit from cloudfront
content-length
27423
last-modified
Mon, 22 Apr 2024 08:14:35 GMT
server
Apache
etag
"25025-616ab07274eb2-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
ziAyRZSVNSA5VT5XKMsCiW6w32gpCAbMqXDHsaxzeRhhfjBqC6j3Fw==
expires
Sun, 05 May 2024 21:55:06 GMT
get
consent.trustarc.com/ 		133 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=RobotoBold.ttf
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Origin
https://exchangeyourcard.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 05 May 2024 21:50:08 GMT
content-encoding
gzip
via
1.1 901fdc9beff7ff35478f18c7b70da04e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SYD3-P1
age
16
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
zSO_Cw6Tf35P_bK9-hdT9-ujNSEMVy6Z3qrQKO2t7kowlgFC95WtJA==
get
consent.trustarc.com/ 		142 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=RobotoRegular.ttf
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Origin
https://exchangeyourcard.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sun, 05 May 2024 20:51:28 GMT
content-encoding
gzip
via
1.1 901fdc9beff7ff35478f18c7b70da04e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SYD3-P1
age
3536
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
2VpyUXptO4iFRt4vR9_S_P2MCe3pQdcEgDQMI0xG7X1VMQMDwH10lA==
bannermsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=blackhawknetwork.com&behavior=implied&country=au&language=en&rand=0.3629665152470589&session=d8f6622a-8d3c-43d3-b18e-05818de91724&userType=NEW
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-96.syd3.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:24 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 43b4a9a8792e30ac49642ef84dd35fc8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
SYD3-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
gnySovhBYRMtcduFhPIqsSTOwiJ4bGFYsPEqMsrr0hesCtQsV3wQ-A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
c8074a8c-8aa4-4a90-8f3c-76c346650e51
https://exchangeyourcard.com.au/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://exchangeyourcard.com.au/c8074a8c-8aa4-4a90-8f3c-76c346650e51
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
api-js.datadome.co/js/ 		244 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.210.176.13 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-176-13.ap-southeast-2.compute.amazonaws.com
Software
DataDome /
Resource Hash
d34ff8ff3c511c70303915c712559e04956c56e122141905dc0eb648dc443069

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 05 May 2024 21:50:24 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
244
expires
0
getRiskProviders
notification.blackhawknetwork.com/riskService/v1/riskWidget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notification.blackhawknetwork.com/riskService/v1/riskWidget/getRiskProviders
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.56.152.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-152-166.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,requestid,tenantid,unique-id
Access-Control-Request-Method
POST
Origin
https://exchangeyourcard.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, requestId, unique-id, merchantId, tenantId, certificateId, role, clientConfigId *
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Access-Control-Allow-Origin
https://exchangeyourcard.com.au
Access-Control-Expose-Headers
* *
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection
Keep-Alive
Content-Length
0
Date
Sun, 05 May 2024 21:50:24 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-DataDome
protected
getRiskProviders
notification.blackhawknetwork.com/riskService/v1/riskWidget/ 		272 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.blackhawknetwork.com/riskService/v1/riskWidget/getRiskProviders
Requested by
Host: content.blackhawknetwork.com
URL: https://content.blackhawknetwork.com/riskwidget/v1/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.56.152.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-152-166.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
146b9881481b8f15a2878d348a03792fb2fe7a41966ab16faeb4a0338bdf6364

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
requestId
2382dd8e-0b8c-49e7-9fdb-53a6c0d055ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
tenantId
VF3FGAA5JDHLG7Q59TNQFG0QJM
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://exchangeyourcard.com.au/
unique-id
2382dd8e-0b8c-49e7-9fdb-53a6c0d055ce
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 05 May 2024 21:50:24 GMT
Content-Encoding
gzip
X-DataDome
protected
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Server
Apache
vary
accept-encoding
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://exchangeyourcard.com.au
Access-Control-Expose-Headers
*, *
Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, requestId, unique-id, merchantId, tenantId, certificateId, role, clientConfigId, *
Keep-Alive
timeout=5, max=99
ZXhjaGFuZ2V5b3VyY2FyZC5jb20uYXU=
ht.blackhawknetwork.com/assets/ 		396 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ht.blackhawknetwork.com/assets/ZXhjaGFuZ2V5b3VyY2FyZC5jb20uYXU=
Requested by
Host: exchangeyourcard.com.au
URL: https://exchangeyourcard.com.au/faqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.222.99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-222-99.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
b8693c41583e2f90891e587d0eb021cecd5abf728745db4243f7f522f81334ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:50:25 GMT
x-amzn-trace-id
Root=1-6637ff21-3ba776b814e93b8d519f10a3;Parent=33eb3e20101037b7;Sampled=0;lineage=13ba6a0f:0
x-amzn-requestid
f07ef935-58b1-42a8-bec1-35c7ba9e9fc9
content-length
396
x-amz-apigw-id
XUTNQHQyiYcEs_A=
content-type
application/javascript
favicon-32x32px.png
d2yirbirtw3grp.cloudfront.net/supercheques/Production/Website/290/ 		387 B
746 B 		Other
General
Check archive.org
Download Go to
Full URL
https://d2yirbirtw3grp.cloudfront.net/supercheques/Production/Website/290/favicon-32x32px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.188.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-188-83.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614b1f795a0c14f59f5f679e8adbccc9144301530b13a6007e37f0d0250a1271

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4nMKAfU.cWLkx6kgVv.dukH2LUMG8OUh
date
Sun, 05 May 2024 11:15:41 GMT
via
1.1 1a89524650229737fbb42049a0f558cc.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 08:18:32 GMT
server
AmazonS3
x-amz-cf-pop
SFO53-P1
age
38304
etag
"e26f1d8ed3dd813e897e9e93575a7ced"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
387
x-amz-cf-id
8LJXqiHh4P0VnYOXk5ZOJoQ6FV99wrYdnwnurB5PMoY7_ueTJaLQzQ==
loader.min.js
api.sardine.ai/assets/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/loader.min.js
Requested by
Host: content.blackhawknetwork.com
URL: https://content.blackhawknetwork.com/riskwidget/v1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
941c41908ab8508fe1510b2c2bdbedca1c05fac823b281dcb9c61e7f5ef7191f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchangeyourcard.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 21:40:12 GMT
content-encoding
gzip
age
613
x-guploader-uploadid
ABPtcPpSpS9TbUOHSFpESrIWD8GgTqDi-e2jJW9rPF_RD18gM6eVFerMycwgk6FqgwgL6RQJvw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25029
last-modified
Tue, 09 Apr 2024 15:15:36 GMT
server
UploadServer
etag
"0a976c266faeb5ef79e35d5f34f0f4c1"
x-goog-hash
crc32c=yFbKsg==, md5=CpdsJm+ute95411fNPD0wQ==
x-goog-generation
1712675736703689
access-control-allow-origin
*
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=1800,no-transform
x-goog-stored-content-length
25029
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 05 May 2024 22:10:12 GMT
collector.min.34d364f.html
api.sardine.ai/assets/ Frame 406F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/collector.min.34d364f.html?r=2024-04-08-34d364f
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://exchangeyourcard.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
age
610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1800,no-transform
content-encoding
gzip
content-language
en
content-length
209
content-type
text/html
date
Sun, 05 May 2024 21:40:15 GMT
etag
"057c2968ec0266d1293d636ca13dfb3b"
expires
Sun, 05 May 2024 22:10:15 GMT
last-modified
Tue, 09 Apr 2024 15:15:36 GMT
server
UploadServer
x-goog-generation
1712675736658551
x-goog-hash
crc32c=usruUQ== md5=BXwpaOwCZtEpPWNsoT37Ow==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
209
x-guploader-uploadid
ABPtcPq66AceTbgvzXTVMrb1k4pPr_ZBvePpt5sPFJwVnybUQdINvhzy-em-LMrnw6PrqcgfFTpSDeYqWQ
sessionDetails
notification.blackhawknetwork.com/riskService/v1/riskWidget/ 		44 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.blackhawknetwork.com/riskService/v1/riskWidget/sessionDetails
Requested by
Host: content.blackhawknetwork.com
URL: https://content.blackhawknetwork.com/riskwidget/v1/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.56.152.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-152-166.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
13428826fa0c6e308c4389d359952d63f8e71d8703291da76f9d50734b2c9cd8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
requestId
d5f3a17b-6cec-459e-96a7-923c4206f954
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
tenantId
VF3FGAA5JDHLG7Q59TNQFG0QJM
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://exchangeyourcard.com.au/
unique-id
d5f3a17b-6cec-459e-96a7-923c4206f954
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 05 May 2024 21:50:26 GMT
Content-Encoding
gzip
X-DataDome
protected
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Server
Apache
vary
accept-encoding
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://exchangeyourcard.com.au
Access-Control-Expose-Headers
*, *
Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, requestId, unique-id, merchantId, tenantId, certificateId, role, clientConfigId, *
Keep-Alive
timeout=5, max=97
sessionDetails
notification.blackhawknetwork.com/riskService/v1/riskWidget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notification.blackhawknetwork.com/riskService/v1/riskWidget/sessionDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.56.152.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-152-166.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,requestid,tenantid,unique-id
Access-Control-Request-Method
POST
Origin
https://exchangeyourcard.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, requestId, unique-id, merchantId, tenantId, certificateId, role, clientConfigId *
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Access-Control-Allow-Origin
https://exchangeyourcard.com.au
Access-Control-Expose-Headers
* *
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection
Keep-Alive
Content-Length
0
Date
Sun, 05 May 2024 21:50:26 GMT
Keep-Alive
timeout=5, max=98
Server
Apache
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-DataDome
protected

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| truste function| shouldRepop function| shouldResolveConsent string| userType object| $temp_inner_iframe object| $temp_closebtn_style object| $temp_box_overlay object| $temp_box_overlay_border string| $temp_externalcss undefined| onEnforcementProviderLoaded object| reactSeedData object| google_tag_data function| ga object| gaplugins object| dataLayer function| getUrlToSkipToMainContent object| a function| b object| lottie object| bodymovin function| $ function| jQuery function| RMSWidget string| ddjskey object| ddoptions function| openMobNav function| goToFirstStep function| stickyRedemptionNav function| stickyBasketAndCodes function| handleLanguageSelection function| getHIWAnimationData function| loadHowItWorksAnimations function| loadHowItWorksPageAnimationsAndSlider function| setupEnforcement function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG boolean| dataDomeProcessed object| dataDomeOptions boolean| ddShouldSkipFingerPrintReq object| $settings string| tenant string| env string| page object| arkoseLabsClientApi5f2adcea object| regeneratorRuntime object| google_tag_manager object| __dispatched__ undefined| __i__ string| riskDeviceIdentifier function| a3H function| a3e function| parcelRequire7d99 object| _Sardine string| _sardine_revision string| x object| temp string| root_domain string| m undefined| r

5 Cookies

Domain/Path Name / Value
.exchangeyourcard.com.au/ Name: TAsessionID
Value: d8f6622a-8d3c-43d3-b18e-05818de91724|NEW
.exchangeyourcard.com.au/ Name: notice_behavior
Value: implied,eu
.exchangeyourcard.com.au/ Name: datadome
Value: zazz6iETWsQgq99aKCc81SH960WYZB2hbyLODc~lY5sKZA9uG6MzAmkUN~cibLANP7MwDDv~G46sbs~Il0Kc1BAvThyD54AjQxK5ataZzS0PBJfhKOSoKeJG67Sa5CMt
.arkoselabs.com/ Name: _cfuvid
Value: jGuIWEpUozgQnwXRPMJ.nZrN3TllBMFJ62zhOUBSb3U-1714945824415-0.0.1.1-604800000
api.sardine.ai/ Name: _immortal|deviceToken
Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..j3RuqqP5Eze0rnQ0.KAIvhd6K6bCyZvp429pHftJ94aBjknaGE1LWdmEcDaEAlVMkclOO68HoI0e_yBONKIkq-8R5fx861e1gJycWCZIjLfPVUpcs6N4razjQCdvN4eFo4YHVIaZ2T18XIXmaZh4AH3HLyzmdhP2VTvYiQLOzrPEiMrZL54IPqa0djSr-oSSTQBKkrwLWpw1zVeWVHC3UQCdb8goEdX4P7bGOhIsEmwtDy4G8beT69g39sXHzAgAwn_YLrLasD2MxM-psDYpErrHbl0RtYrV0ymT9ukc1eyiPOy3RDJAGoLPryn3MtrA.x_D3qeSrKc3INhsoGzmlPQ

9 Console Messages

Source Level URL
Text
network error URL: https://exchangeyourcard.com.au/Theme
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://exchangeyourcard.com.au/faqs
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' https://*.hotjar.com use.typekit.net p.typekit.net cdnjs.cloudflare.com asset.gomoxie.solutions fonts.googleapis.com cdn.userway.org; font-src 'self' https://*.hotjar.com use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com cdn.userway.org consent.trustarc.com; img-src * data:; media-src *; frame-src *.sardine.ai geo.captcha-delivery.com asset.gomoxie.solutions *.arkoselabs.com consent-pref.trustarc.com cdn.userway.org; connect-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.blackhawknetwork.com api-js.datadome.co europewebchat.bhnetwork.com:8085 www.google-analytics.com stats.g.doubleclick.net asset.gomoxie.solutions events-hawkgamerschoice.gomoxie.solutions location.gomoxie.solutions consent-pref.trustarc.com api.userway.org; script-src 'self' 'unsafe-inline' https://*.sardine.ai https://*.hotjar.com ht.blackhawknetwork.com use.typekit.net js.datadome.co ajax.aspnetcdn.com unpkg.com webrtc.github.io europewebchat.bhnetwork.com:8085 www.google-analytics.com www.googletagmanager.com consent.trustarc.com cdnjs.cloudflare.com code.jquery.com client-api.arkoselabs.com bhn-api.arkoselabs.com bhn-verify.arkoselabs.com asset.gomoxie.solutions cdn.userway.org connect.facebook.net content.blackhawknetwork.com cdn-us.trustev.com api.sandbox.sardine.ai mpsnare.iesnare.com;worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
api.sardine.ai
bhn-api.arkoselabs.com
cdnjs.cloudflare.com
code.jquery.com
consent.trustarc.com
content.blackhawknetwork.com
d2yirbirtw3grp.cloudfront.net
exchangeyourcard.com.au
ht.blackhawknetwork.com
js.datadome.co
notification.blackhawknetwork.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
13.210.176.13
13.56.152.166
142.250.204.8
151.101.194.137
172.217.167.78
172.64.154.86
18.155.188.83
18.65.244.2
18.65.244.21
18.65.244.96
3.21.222.99
34.120.14.251
54.74.189.17
13428826fa0c6e308c4389d359952d63f8e71d8703291da76f9d50734b2c9cd8
146b9881481b8f15a2878d348a03792fb2fe7a41966ab16faeb4a0338bdf6364
2c898a4b4d452a43aec9e5f277202de00babb912ca278c106a882c18aadf7f06
416b855385b4a222a725adc6573e59fa935ff7579361d987a20708789a5638dd
4fdec82a021213567894efd24bb86ee7fbfd7a8e004db51b4864a35dd7ddca59
5524ead75e9edbecb35f0a8c36aa2759629e3a6a4586d46e04930951005cf484
59675ef58aa1ae59c43249a9302094f2da66a9a0f972b0341c7d95db3910c244
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25
60923c75b5e8fba6bc324f29806aff8864e2250c9f63caed20a2c3523e5adcb1
614b1f795a0c14f59f5f679e8adbccc9144301530b13a6007e37f0d0250a1271
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6d526fd8ed7efb090207e7f90f3e5d256e9abedcbb4e2feafc5050edfb9ade30
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
941c41908ab8508fe1510b2c2bdbedca1c05fac823b281dcb9c61e7f5ef7191f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ded85a8e52fba9dea75215649166f0f005d5be35b16a526b7fadcec81afa7a5
a901d4417fa018661fa42ed97678b4f2cafe874ca65ebd1abe62004ae718e053
b285bf88010d779b84061d3e694212d66d9d2b82baa93701f4c2ee3a7584421c
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
b8693c41583e2f90891e587d0eb021cecd5abf728745db4243f7f522f81334ce
b8b1807cf3f6b16aaa5b925b6445bfd806854dac32d31eb58ab87c55b3fa1174
d0ec3b06546c0383e82501275a2d6892bc26a6562b16ad724d5060967609838e
d34ff8ff3c511c70303915c712559e04956c56e122141905dc0eb648dc443069
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6b2adfcb0ba3b72660726be9801512ca7e447fcdc945010825a2ca4331d611c
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a