urlscan.io logo urlscan.io
SecurityTrails logo

app.galaxpay.com.br Open in urlscan Pro
2606:4700:20::681a:2de  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.galaxpay.com.br/
Effective URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 43 HTTP transactions. The main IP is 2606:4700:20::681a:2de, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.galaxpay.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.
This is the only time app.galaxpay.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 42 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.161.111.39 16509 (AMAZON-02)
1 13.32.27.21 16509 (AMAZON-02)
1 18.66.112.79 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
43 9
42    2606:4700:20::681a:2de (United States)

ASN13335 (CLOUDFLARENET, US)
app.galaxpay.com.br
app2.prod.cloud.galaxpay.com.br
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.161.111.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-39.mrs52.r.cloudfront.net
static.hotjar.com
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
42 galaxpay.com.br
app.galaxpay.com.br
app2.prod.cloud.galaxpay.com.br
372 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
732 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
4 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2687
257 B
43 6
Domain Requested by
24 app.galaxpay.com.br 21 redirects app.galaxpay.com.br
18 app2.prod.cloud.galaxpay.com.br app.galaxpay.com.br
6 www.gstatic.com www.google.com
www.gstatic.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.google.com app.galaxpay.com.br
www.google.com
www.gstatic.com
4 fonts.googleapis.com app.galaxpay.com.br
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com app.galaxpay.com.br
43 9

This site contains no links.

Subject Issuer Validity Valid
galaxpay.com.br
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Frame ID: D4EE77858CE050AB9275DAB007146E99
Requests: 34 HTTP requests in this frame

Frame: https://app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: C66A92992E794147D31181F298A9D81F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Frame ID: 9890EB144D79DC3AAF165B7E2C7B30C4
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT
Frame ID: F94637516B6D9F4BA0F97E15D6E06305
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entrar - Pagamento recorrente, cobrança recorrente por cartão de crédito

Page URL History Show full URLs

  1. http://app.galaxpay.com.br/ HTTP 301
    https://app.galaxpay.com.br/ HTTP 302
    http://app.galaxpay.com.br/v2/login/somente-logado/restrict HTTP 307
    https://app.galaxpay.com.br/v2/login/somente-logado/restrict Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

43
Requests

56 %
HTTPS

63 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

1197 kB
Transfer

3236 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.galaxpay.com.br/ HTTP 301
    https://app.galaxpay.com.br/ HTTP 302
    http://app.galaxpay.com.br/v2/login/somente-logado/restrict HTTP 307
    https://app.galaxpay.com.br/v2/login/somente-logado/restrict Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://app.galaxpay.com.br/_next/static/css/021da5481c0c61cf.css HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/css/021da5481c0c61cf.css
Request Chain 1
  • https://app.galaxpay.com.br/_next/static/css/5c367e25848e00ad.css HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/css/5c367e25848e00ad.css
Request Chain 2
  • https://app.galaxpay.com.br/_next/static/chunks/webpack-cdb815a3ce277e65.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/webpack-cdb815a3ce277e65.js
Request Chain 3
  • https://app.galaxpay.com.br/_next/static/chunks/framework-3412d1150754b2fb.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/framework-3412d1150754b2fb.js
Request Chain 4
  • https://app.galaxpay.com.br/_next/static/chunks/main-3ed4a7e4447175bc.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/main-3ed4a7e4447175bc.js
Request Chain 5
  • https://app.galaxpay.com.br/_next/static/chunks/pages/_app-7850c21092c32135.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/_app-7850c21092c32135.js
Request Chain 6
  • https://app.galaxpay.com.br/_next/static/chunks/4681-a61ba5f5aa653329.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/4681-a61ba5f5aa653329.js
Request Chain 7
  • https://app.galaxpay.com.br/_next/static/chunks/7258-96dee0a0cb011a17.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/7258-96dee0a0cb011a17.js
Request Chain 8
  • https://app.galaxpay.com.br/_next/static/chunks/2488-a671f76240ed29a4.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/2488-a671f76240ed29a4.js
Request Chain 9
  • https://app.galaxpay.com.br/_next/static/chunks/1409-778f531603542d8d.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1409-778f531603542d8d.js
Request Chain 10
  • https://app.galaxpay.com.br/_next/static/chunks/9272-ebae2c6702816d9d.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/9272-ebae2c6702816d9d.js
Request Chain 11
  • https://app.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
Request Chain 12
  • https://app.galaxpay.com.br/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
Request Chain 13
  • https://app.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js
Request Chain 14
  • https://app.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js
Request Chain 19
  • https://app.galaxpay.com.br/v2/assets/js/modernizr.min.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/modernizr.min.js
Request Chain 20
  • https://app.galaxpay.com.br/v2/assets/js/hotjar.min.js HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/hotjar.min.js
Request Chain 31
  • https://app.galaxpay.com.br/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75 HTTP 301
  • https://app2.prod.cloud.galaxpay.com.br/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75
Request Chain 32
  • https://app.galaxpay.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request restrict
app.galaxpay.com.br/v2/login/somente-logado/
Redirect Chain
  • http://app.galaxpay.com.br/
  • https://app.galaxpay.com.br/
  • http://app.galaxpay.com.br/v2/login/somente-logado/restrict
  • https://app.galaxpay.com.br/v2/login/somente-logado/restrict
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632af63926286639f3bf7bd3ece88cf607b20510ea0fb2f1c3f2c2e26884170f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8259e894bf834dbe-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 20:54:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mrb9v8VsE%2FdGo%2Bz7coV7MXIlAreA5H2gCTMUCZLzVx%2FArKc6waq8TAudR7f3OPYdrcV%2FmvizHGfN672KyN1yP1AT0%2Ff6mC4Tbc%2BGIXd8VNeAM%2FSKHr7AYNxM%2BQrlPJ3e7LZYF%2BHCJrFgxWo7FmrYVCw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Non-Authoritative-Reason
HSTS
021da5481c0c61cf.css
app2.prod.cloud.galaxpay.com.br/_next/static/css/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/css/021da5481c0c61cf.css
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/css/021da5481c0c61cf.css
354 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/css/021da5481c0c61cf.css
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c952d50f635e72252320ced48852cd91f18e2cadd8da7729971f59bc53e85a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1619
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"587a1-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPw1NFS8oeJpyMfDPLNiKg0rEm8%2FNYPVLFAovA6pFfElVlcOzeqf4nP09rSXz8tjCb4s1571fh5XGld%2F9li4odRegLL8tuBiBMlph0B5uu7m5g5CxDxGYHfsta4Ykoij0v%2Fd%2FVVVu3bgd3DYd6qGd27oC5XAb3az4WKOIb0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e89c6fdb4dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyX2Z2eQT4gaSIETwJNCLrc%2FU%2Fm2vbxsWdug25iS3Gb1BcpbG5AN3KnWsU9KA7u2ABwMEvuOb5%2BfwlDmyocxOAdzz9kXTcnyIFjV6TQaHVbcjYIZ0ogF80wq51ubvythVByR33E%2FNPdCPSVlEdCTMbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/css/021da5481c0c61cf.css
cache-control
max-age=31536000
cf-ray
8259e8973a3f4dbe-FRA
5c367e25848e00ad.css
app2.prod.cloud.galaxpay.com.br/_next/static/css/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/css/5c367e25848e00ad.css
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/css/5c367e25848e00ad.css
2 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/css/5c367e25848e00ad.css
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5a68bc24e7ac71500d7b5a0fedbadf9a4b28b61d1ea8e0c79dc310743454dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1619
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"96e-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qr7X4%2BWv1W%2BqgXd41KqX0d2ocM9tizOvHyW%2FAUSMnf5Thsa43uszWI85kL2rNPjW4J43IrxzIZhCEaZ%2BxA0Jcl0X8d%2F9bZy%2Bus8cZhJzWXWTk30d%2BqSv1nOKd8t7Fwffp7eSB5gj4E2NqGJjbTJYIdFBzb1MxgBvAV8%2BGTg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e89c7ff04dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HSdByPIeFIMJoqopKa6aR2F7eiSf%2FHqjNdg%2BDFmYaAlV%2FyoLNdK%2F%2BiwH4D53PNQr1qnpcxHR1h7MItzNWGqKTMaFBoSuk2%2BQwV1Mw6ZBqDbG84RpEd0JULPVgFZ%2F%2F2SBUgtXf03WWd9LoLN2VyhCjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/css/5c367e25848e00ad.css
cache-control
max-age=31536000
cf-ray
8259e8973a404dbe-FRA
webpack-cdb815a3ce277e65.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/webpack-cdb815a3ce277e65.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/webpack-cdb815a3ce277e65.js
2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/webpack-cdb815a3ce277e65.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e782ae7e34974a4181b6d6b444af1f61a4bf64e54c282f642d988366586c4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1619
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"892-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn7ZWCMotsxxe94MyaVHFa8jWDn8EbgUD3B5cBYhdHuUhj859lfbi5r%2BkuzcyFM0MpfBLRZwQ%2F0Wi2CjMMZpES8H6JDJKzerkfonfKWwE1DvMH6wikrm%2BnwgU3ddQ1XpZ3XDQGn93mWm0rRGev1E8%2Fb%2FXpYMsHvqDP3MWn8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a69be94dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtqwkRO08fyXk6vBarC7w3SbajnVtM0OOkCXepB6cxm21OmpYrK7mermcVdvG0TBHla6%2FQSv6pxJyj6YdPykO1ASAXdps1BTVlQI7dzgBarMa4soAhxww7oL4RjXHSJV54jcjY79UpYd4eZH6nxsN%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/webpack-cdb815a3ce277e65.js
cache-control
max-age=31536000
cf-ray
8259e8a19e234dbe-FRA
framework-3412d1150754b2fb.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/framework-3412d1150754b2fb.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/framework-3412d1150754b2fb.js
126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/framework-3412d1150754b2fb.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc72ad7c14c0bf01767f93abec5df739704e9d7d1fc37124b61d65d88bc0aa27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1618
cf-polished
origSize=130270
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"1fcde-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kib22Yj8TYnQ9h0UJvNfF7JbQTiySEWV4ePYeS4KokW9oV%2BoSdIMAVuQSVEwFni2X9huQ0L6id8%2BbX8yFFakybUivu4e5FNCOoHViLrIBbUmrl8LBsxZKWFupuyJiH8EspYbqGHDTbMXSqjRD5oa95iN4lhcsAnS658Prw0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a6abf14dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQdqGH%2F3UQB8TFzkRqN7avU2hxI8Q14yfCBp4xe635XG1llfssIamUmBNUwKE6pwkWEEqeut4Mh3qi%2B0dWwPpetZJYQKwxXoOJ76vG6qgn1cuJu29CZFgkWYjyrrRfHqKJkHtLfsZ7ZP0PNR%2Fkmmpno%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/framework-3412d1150754b2fb.js
cache-control
max-age=31536000
cf-ray
8259e8a1ae2a4dbe-FRA
main-3ed4a7e4447175bc.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/main-3ed4a7e4447175bc.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/main-3ed4a7e4447175bc.js
115 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/main-3ed4a7e4447175bc.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb554f940efe7873f926e953e27e6462637f065696ed0824210a29a8ed3c088f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=117329
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"1ca51-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Egiiu9fpFz8S92SbJ13XCwnagBLMJth57yDiD9lOaRAMMxBFn%2FBdpC52GTd95A9QH9rjDfayeuoD2v25pDrtCFJP8dY8%2BTqUclR%2BKQFCq5WR9VdFYg1SvnGuLLYnKK6tbkG5CXWOWrLTRXyqb7sIyDNISHS%2B8EH8KQSBU5o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a70c644dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTBt3NbIKAcxKzFP05%2BQ97IpRnZlLFWv93LxOshzHDI71tPlUAoiM8Ayz01DeYa8DapItXbQwUpCX22LgOgNiI1r0wTdqjNCDXaLM6sy%2BzgJ27Od7hByAc7ZHTtsMGYhIuWuJy8ZEEPnDc%2B1yGHPXKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/main-3ed4a7e4447175bc.js
cache-control
max-age=31536000
cf-ray
8259e8a1de704dbe-FRA
_app-7850c21092c32135.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/pages/_app-7850c21092c32135.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/_app-7850c21092c32135.js
389 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/_app-7850c21092c32135.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6fad5e7ecaa12156d36e3ecc9a4973c87fcc10e43bc255f13766aa92e6aa95e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=398973
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"6167d-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFGYdbOB3GAFLw56lWhxNtzlLWcCPU7%2FL6UBaOFHOnnUEU6xue6Y1XI3mSfgQ652eplz4srLok%2FVZqWXEQUVh5p0uq9a7N5WmhXOtkkR3jGl8fKPd3d8T359A8Na4%2FY4cY9b7WBiR%2Bot4dpjIGzIwl7N2gsaEwu2RJ7kZ7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a6cc1e4dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJWdXSYzXQl%2B7m%2FqaiHCjCi6GVYXZySRfeS%2Fj6sZ9npcwtFHMWxvG4VLJLnPJr1NVLgSezbza45gRLP%2B5Z%2FEmbpy1PCnaPmEiAH%2F%2Fq8x%2FQIrT0BIXIBT0ONZQKJy7V9JCmgKEKtTZq7lG0eH7O%2FqAls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/pages/_app-7850c21092c32135.js
cache-control
max-age=31536000
cf-ray
8259e8a1de734dbe-FRA
4681-a61ba5f5aa653329.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/4681-a61ba5f5aa653329.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/4681-a61ba5f5aa653329.js
42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/4681-a61ba5f5aa653329.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d00764b56a710620b93383660095c3a88094abe926621203d5c4a82614c2ffa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=42690
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"a6c2-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0REJMm2mYcvSHnapz1mxRTZE1Pqk%2BYLIpbR8jhs%2Fbj80Cb2qn%2Fsnngawu7iNgZT27s60k3mTRN4lOsRv7rNkxx%2BxzPBZ178F1oVRGqym%2F7T7yYU%2Bn5GHvc%2B6%2FwzrUgzqZszZTqBM4bb4J9APJzBdhMb%2FnIg7SvitTHX6KJ0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a6dc304dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqeo6iKZC6tYeDUNOWQCEHvOGX1ztvQlen%2BIE1gA6%2FN5y3M8Tp2q8Lx6z8LQHvHJiRlLrn0FJOi0y9ibf5t8beri292cZH%2FwohoE4SQUk4%2FpeF22QHjeItRnCrlig1rpBL4llQjrOE1cH2M5Zxg9jbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/4681-a61ba5f5aa653329.js
cache-control
max-age=31536000
cf-ray
8259e8a1de754dbe-FRA
7258-96dee0a0cb011a17.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/7258-96dee0a0cb011a17.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/7258-96dee0a0cb011a17.js
47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/7258-96dee0a0cb011a17.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd975b2c8ac04c62f7c65e5e7cc62c0cba3f310db4f70cbe9618337d0bed93c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=48278
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"bc96-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em2wiKjneGjYyCqWxK2W1Myz9NUdGshe0aw%2BCLXvzwa8avYrPg64lCX2o6qw%2FKBULVb%2FDf7i0KQGKfT4546kG0eePsujH4K41AaQDTbGS7Mtp%2BGO7uOyeA%2Fw%2F06B1wPqkUgO1tc2iPhjEdoTFJvo%2FCGYJsTHcXRnEZ%2BYK%2Bw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a6cc144dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q75vDYJdj0PJ9FQf0aAfCxmsK4ih%2FVq0vpXvDnm5yG1jl1BsJwxvHUHfzlgYklxNAETFrfz7gnH5wD7jUFkW3Q8oTodWn5FSBslW0am5mG%2BZVXlLTUonNhOAQbJj8NCSnK%2FdIZ8QTygBVEPYCuInbm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/7258-96dee0a0cb011a17.js
cache-control
max-age=31536000
cf-ray
8259e8a1de774dbe-FRA
2488-a671f76240ed29a4.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/2488-a671f76240ed29a4.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/2488-a671f76240ed29a4.js
27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/2488-a671f76240ed29a4.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0794ff2bd37b937bfe22a729c382bc86d04876c1a25fda4c12659f1009b5006c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=27502
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"6b6e-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM%2F4vbXXWvFVvTb3gVvOBzxDaF%2BUIrAprH45CR6rX7zDs0wn8zpEKhx%2BrHe6m5poNXboAH%2FSp3oD5Y8NcW1GdxZOvYF%2FawyKIq%2B0g3q1tb59ERbTA2uAsRTSm4BTG1ddEmNl67tZpSI1jJHIiIecJZ51pVbDIRmKs18onw4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a72c8f4dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sxI%2BdkAz2glpE3P1akt2DOudQ9Jmb2YF4H%2BQ1QKE05Ufl6UJcLgUDfLN%2FhAMZhpdHEcuA8y4TeE5pPa2NNG2PQJfO3vKNwY48zpvN5JfTOaZdGpQ81XuIgpC9hnXa0uHMjAhAVH5KZnvZOYFXNtiHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/2488-a671f76240ed29a4.js
cache-control
max-age=31536000
cf-ray
8259e8a1de794dbe-FRA
1409-778f531603542d8d.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/1409-778f531603542d8d.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1409-778f531603542d8d.js
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1409-778f531603542d8d.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f2c140790a2b29ebf422fbcb29293851c9c44bf7977cb274df554c9d17432a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=9453
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"24ed-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQuLpZ64ud%2Fc6NusbZNXptM3RKS1Dzk72%2BVrI0zFzTQj3o8NkQvmJoDFS%2B7c65kFq3Dtwh0y0YgYw1oq2l7oaj4CZhqzyczC%2BHr7MEYFtYBKzkP1NWTHFRKHjca9lak0Neg6PdpiKJWX5JCN2kJ6go1GYCLd8rQibdcYPno%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a71c7d4dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUbXDtM4vmlaHXlLjMKmFaUT8M2XRfl6BFpljmt%2F%2FZOnvL53Y3AqBMjemRQ0Jv%2FIGLu0UYIWelw56qe8SAuk9USbU9I6KxSg1GDKfgSLqfh6CZF%2FBR6O89ZvKpw40MP7cAqPcn4H%2BZ%2FhmYGldPy0OXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/1409-778f531603542d8d.js
cache-control
max-age=31536000
cf-ray
8259e8a1de7c4dbe-FRA
9272-ebae2c6702816d9d.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/9272-ebae2c6702816d9d.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/9272-ebae2c6702816d9d.js
13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/9272-ebae2c6702816d9d.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8b79f0e819a8b35f7d1de690f9ca0a335f98f3bc3133bdfaf32fa39dee0213
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=13192
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"3388-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FzXbxG6FuQLbScbt3992DojXT3531CnQUg98ugUaAUdVPoasBUfkDarH2ZKQFPfolPF3MXHhpcqoNAkBx6AF8HkIm9dLmgfILPDrSn7xkRISAUJMZU%2F1nbOEMcJ29rhuYOnycEXz02hpS7PtZuffzOquxAfftYV%2BtzeWvI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a71c7a4dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0nZ5tfcogw3MTGZl87LpfOfqqmov2UcWFl4xvI9b1XgxbzhCg7Uj9d%2BOtzqGsbL%2F4L4j7InjLAPPPXvHPzQRF4gdQ1tlx%2FOe8DRnQANMI3smsul%2F6W%2BuU1l3f6B8v2VygPmg%2BgzxbsJHMIwpV%2Fi0hQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/9272-ebae2c6702816d9d.js
cache-control
max-age=31536000
cf-ray
8259e8a1de7e4dbe-FRA
1487-cd72cc71b18de13e.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae13b7c9fa7a0d2887bc3ac2411273d5b7ef4b0742f501c90dfb483f8468926
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=14337
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"3801-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdNO7HKd%2B9WZVOhLyLSgEH4IFbKuMCukSchT%2BKneuemSZ6syV9KOgTJNr5F2Qpvs0DujKaHENCqLrFfUZQ0DpC0hZxSC3tSFS4PPYXJ%2F%2BU3nHew6KwJYHk%2F%2BsMyaAH8xFqa7GFketFqXw4geXLK2YB%2Bw7DBZUBLMDy%2FGyqg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a72c954dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZbkQRueK4ajcM6Uv6UVg6OvMagzFr5K5Z%2BQXm4ZVyejX%2F4%2Fdau2vWJiymLIwpwVvuVrd35lbof46XX7KK694jyh%2Fw79Mb2lCfv2Vt9Ye%2B3bUX3qzKmAdjs5UhFh8zXji69Yu1Fe9RCE0Tr%2BukgyBVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/1487-cd72cc71b18de13e.js
cache-control
max-age=31536000
cf-ray
8259e8a1de874dbe-FRA
%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/v2/login/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85366dda67f82f874bb4ee6562bdae1b00db3ab1bb614f025a5ce9b725a5ef28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
cf-polished
origSize=6960
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"1b30-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL1Qh1xD6fJI0ZgIScNi8LgUiR64o6OxmBrljm%2Bkzv9gO9JVV%2FEBMSHEE1Knu8ETNPNaoxSiEWofKx6uhKEJx%2FpM%2F8m2fC1%2Fy3DXmCCae%2Bo08rNtvX2c%2F6urATqWH%2F%2F%2FDmqR9iM6Tgyemx%2Fl0lJBP%2BYVQ3nf2jJzJrGOoX8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a71c804dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdQw7b0k8ZtdXfSNcY7sJ8%2BpkCX8v0ZM1z8LxvWvXDmIWKkReOky5uP4HOIloRDlkb1tepioo%2FUC%2FAggAEDQLEUuV%2FRib706U1XGf02E9N9ejgvcr%2FwMPn%2BpycotofM8j1OTYyUDgNt72C5lawcXx6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/chunks/pages/v2/login/%5B%5B...message%5D%5D-94b53c21ee3eb61f.js
cache-control
max-age=31536000
cf-ray
8259e8a1de8b4dbe-FRA
_buildManifest.js
app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d951c81ba8746fce0241cbdad4d1b680a7fe73d2b352f9338db37c3d11cae9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338963
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"1282-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jU5FUFilOxGRq%2FmukAwxb20q4GzGXXhxG1bmG9zZ47DMa8oI9%2BoRoTzmt3K1jWgh2fd5NlShURWleVFa%2BY49iOIMlhQhhREQDeaNU65%2F0Bct%2FSxAKUZ0G8jQ24ZKX5bq%2BfucKDOSASLRpQEDrvkt70Fa8NAH6V%2Bue3zRoJo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a6ec424dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BLVFakzy0TVdAERXYM%2Fz2kykMh3Rd5slUrNiHVBr%2BHyoxt76RXSimnoTWfyXEHDe9gP7TbNRsxWojjDlznS3%2FxjpZZzoIZ44sNfZYlhmFmqqbUEGrlxBHplXQXaWgB3%2Fgli0JqtMqzg82CpznK2Syg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/W0lJbgfuLZjJD2BynlUJd/_buildManifest.js
cache-control
max-age=31536000
cf-ray
8259e8a1de8e4dbe-FRA
_ssgManifest.js
app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/
Redirect Chain
  • https://app.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js
  • https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js
76 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1617
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 15:58:21 GMT
server
cloudflare
etag
W/"4c-18b814eb548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzZkQmB7Dal2XPtFGMhTdLZcRaTZSWMySc5HjupEyZ7hOaBMjC9BN39CFZ1eAMII8PZf3EJA1J6WBV%2BeBMnhl7Vj%2Fbq8Y%2BS6lngDDjeg11Mi6rnMqngf7DBB7Qw7YMcT1ADum5fRmksu2yB4UwiB4YpelDJTeIoVOmsm6Ik%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
x-frame-options
SAMEORIGIN
cf-ray
8259e8a76ce14dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0va5grZ3Uri9widTHSxmSIgyhJ6xeh2wOeFIxtad%2BL2eZWEueSycQQa7pi71wPPM3gfWK88agj4ubViD1aL5gbM0pLXcbOyU8X%2BGm1o%2BCOSiy8K%2FYcCb%2FQ0A36ukd68CYxM2zghfQkU6Ij21b0tW%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/static/W0lJbgfuLZjJD2BynlUJd/_ssgManifest.js
cache-control
max-age=31536000
cf-ray
8259e8a1ee8f4dbe-FRA
css2
fonts.googleapis.com/ 		21 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Nov 2023 20:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 20:16:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Nov 2023 20:54:12 GMT
css2
fonts.googleapis.com/ 		14 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Urbanist:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59f2324eafacac1297eff6c332ca7978423dc2e54d4b30c982dc0d6d120f0d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Nov 2023 20:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 20:53:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Nov 2023 20:54:12 GMT
css2
fonts.googleapis.com/ 		47 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c10a191010c7cd5bfddf9ff433ec539f9608aaf53ef32706908f03c71d3c0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Nov 2023 20:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 19:00:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Nov 2023 20:54:12 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Nov 2023 20:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 20:14:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Nov 2023 20:54:12 GMT
modernizr.min.js
app2.prod.cloud.galaxpay.com.br/v2/assets/js/
Redirect Chain
  • https://app.galaxpay.com.br/v2/assets/js/modernizr.min.js
  • https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/modernizr.min.js
11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/modernizr.min.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 30 Oct 2023 15:53:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b4c-18b814a9a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDbqc7gLFe29oEuKY2cS3tenOnNj37c1M9PSifu5PlF%2BzeL1aHOR7gEmgEjHhxG72BLAI9XbrJ5cs25if1YPA3QqmIfVGqItscmUgP2M4zWCUbqz8nYQ1ILzaukyPinM8XPKHhK5%2FMIGXDWvGLMkwrLoZgONboXUJvk31Mw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8259e89c6fde4dbe-FRA

Redirect headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN8CBxpSU26Y2MHXBIoRdOxjLaqTaUPcYavVpWq%2FtZ6SMQqNvIyzodyuzPQix9sj8u%2FIycTm7VZBt4k0cCkDrSqme1PrVkTivBJAQ5blbH9GhujXd46sFrQMcQkg%2B%2FYbrXoQ%2FwXfdI30mSCU9iIclyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/v2/assets/js/modernizr.min.js
cache-control
max-age=31536000
cf-ray
8259e8974a4c4dbe-FRA
hotjar.min.js
app2.prod.cloud.galaxpay.com.br/v2/assets/js/
Redirect Chain
  • https://app.galaxpay.com.br/v2/assets/js/hotjar.min.js
  • https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/hotjar.min.js
400 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.prod.cloud.galaxpay.com.br/v2/assets/js/hotjar.min.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ffdbcbf91cd98de916e0565ff07304711ad1941f40c5aaebab421570a9110c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 30 Oct 2023 15:53:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"190-18b814a9a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BNmnZjchdedBnJ%2FVENHJB%2Fj42CnkXNi5kyVz%2F7sCikGxr9NVe942gQnRcSQ5PYvgLtlv0Ynf3rL2LO%2BJeUm1bkchbwq6eWrC%2BMRsb%2FcaKAwufAOjsNaaOpRzL2gIxMXkt8dM%2F3mDQm2EYDxj%2FLTv4qh03KdZ8v4267Gvto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8259e89c6fdf4dbe-FRA

Redirect headers

date
Mon, 13 Nov 2023 20:54:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW6I14IWo%2FHYfH%2BbSElgA3RifqvKyt30zIaWMTB%2FknjsohOHldaqbyE4rAkZf3xLVhe1Gs2uI2EsPK0DYV6U1d8iPZLWTXENcc9VqjnehJVlOoj0G%2Bj%2Bcf3OI5ZfiVPXp4db5j%2BdgX68uZ9%2FzrivREI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/v2/assets/js/hotjar.min.js
cache-control
max-age=31536000
cf-ray
8259e8974a4f4dbe-FRA
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v32/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.galaxpay.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:05:27 GMT
x-content-type-options
nosniff
age
344927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14256
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:05:27 GMT
hotjar-3178637.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3178637.js?sv=6
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/assets/js/hotjar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-39.mrs52.r.cloudfront.net
Software
/
Resource Hash
14564914a20db4fe7f2b38fdcc74d2075740eedef85eabc8955a9da76dd201d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 13 Nov 2023 20:54:14 GMT
via
1.1 c0ec38d1888eee986b8ba3b8834111c6.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
etag
W/7e22779a02b2cc58fd7f7dc9a09cc70f
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
W4AIttPAWZ2DIQdOr41BS48DjlqGB2anDGX6Pvp4Mef1dVAwiC7pRg==
truncated
/ 		79 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d80b30a33d9cdec7a5a8a1f12aafc5bca5b00110c38890052700d2ca8e4ee99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Urbanist:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.galaxpay.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 10:35:07 GMT
x-content-type-options
nosniff
age
37147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 10:35:07 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.galaxpay.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:16:09 GMT
x-content-type-options
nosniff
age
347885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:16:09 GMT
o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
fonts.gstatic.com/s/notosans/v32/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b7b42dc1fe022438e97d26a6e9e979ba233d5c6760f54843d666392a73d05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.galaxpay.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:16:10 GMT
x-content-type-options
nosniff
age
347884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14472
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:16:10 GMT
modules.4fff30a11f83c70bc2a1.js
script.hotjar.com/ 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3178637.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 12:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
377468
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57093
last-modified
Thu, 09 Nov 2023 12:03:05 GMT
etag
"90fe477ee0715709dc5b1153c76d0f7a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
nm9gOa603m6IdOO-8jU5tjitnIQGwnTgN2D8oQkO5-RXBzbT5y2yGg==
3178637
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3178637?s=0.25&r=0.20120121765757948
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
vtyz2_tCLbIPEDTdd01hF83BmDQRVh29aT1NdR67pciJCs8b4OZ9gQ==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14d639a29834594a322b067a50d08f57b5f2d23f7109e9bbee4d416cc72c907e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 13 Nov 2023 20:54:14 GMT
image
app2.prod.cloud.galaxpay.com.br/_next/
Redirect Chain
  • https://app.galaxpay.com.br/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75
  • https://app2.prod.cloud.galaxpay.com.br/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75
2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app2.prod.cloud.galaxpay.com.br/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8551847cb39a5f96b8d6f761979ce9f474e40cb77debe474fcfda922cf9ce82
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.galaxpay.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:16 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-hashes' *.jsdelivr.net https://*.hotjar.com *.google.com *.gstatic.com https://www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com js.hsforms.net *.googletagmanager.com *.fontawesome.com *.hs-scripts.com *.facebook.net *.google-analytics.com https://*.hotjar.com https://js.hs-analytics.net https://*.usemessages.com *.gstatic.com https://js.hs-banner.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.kaspersky-labs.com *.jsdelivr.net; img-src *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; style-src-elem 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com; font-src 'self' https://fonts.gstatic.com/ *.bootstrapcdn.com *.fontawesome.com; connect-src 'self' https://*.hsforms.net https://*.hsforms.com *.fontawesome.com https://*.hubspot.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com; frame-src 'self' https://*.google.com https://*.hotjar.com https://*.hubspot.com https://*.facebook.com; report-uri https://gy5m3hduwc.execute-api.sa-east-1.amazonaws.com/dev/content-policy-security
x-nextjs-cache
HIT
content-disposition
inline; filename="new-logo-galax.webp"
content-length
2520
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
qFUYR8s5pflrjW92GXnOn0dOQMt33r5HT8-akiz5zoI=
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57AcYdene7NaVKsah7xYDd6FnXGpVPbH4qWJhBRJtepnPTueFugBg5MUDTLvKAlaA44KYCirSSe27tPrzGecynzLiVl6dMZvOW4fVOHGyydZ5BMTohRY87ySk0dsRq%2BzapUT8IAGEhMkrDd7DaDOYkACHQLOyhkSp%2FAebRU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000, immutable
access-control-allow-credentials
true
permissions-policy
geolocation=self
vary
Accept
cf-ray
8259e8a90e874dbe-FRA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, X-Forwarded-For

Redirect headers

date
Mon, 13 Nov 2023 20:54:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErYnzXa86uTL0qM3A4xN7i8QxalT81I69OHjk65oWjVwyKb%2Fl1ps3kGC%2BfCGyWo%2FYGlPVw8zd33NwkRNT4DJefkkTJVc%2BQYaiZiCb2aBaojHeaewHbiQb0LBH2NMZoHHmsfnpr5iGdvtLkYuSf4klpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://app2.prod.cloud.galaxpay.com.br:443/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-logo-galax.0b7f1ce7.png&w=256&q=75
cf-ray
8259e8a7ad144dbe-FRA
main.js
app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame C66A
Redirect Chain
  • https://app.galaxpay.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/v2/login/somente-logado/restrict
Protocol
H2
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa9a3ce69866dfa2aeada44d3653ce766703774a1d2c59823604d4303bace23e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmxbXRVxIUnPQIcKlvdCuqnJ5zYcjVehOL2clGhtClGIqyY5c9yCpOjq1X0BoDCSnXDPJ6w7GxapuCNx4Be2FCFLD%2BFoPoHRWgvVx0tPlpDgnHTle1Y5YyglWU5IRKeWcYLK6nx2DWdLPlOG2wSOL%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8259e8a7cd324dbe-FRA

Redirect headers

date
Mon, 13 Nov 2023 20:54:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9%2BBZxlqAG%2FqW4gWB%2Btw0NzwK7Nk8mHUSO0SJ4eDLtLgbP8ko1UrivaJ24i1CUq5p3CMJHG9r8GglasbXaUlFY9ogkO%2BX7AH0NP4qRKN7fX1k1uXMv0kxSspnkL8zonz6kjafUQLB7KJJ9ykjMi3lXU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
8259e8a7ad1e4dbe-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 		470 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.galaxpay.com.br/
Origin
https://app.galaxpay.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 19:35:41 GMT
8259e894bf834dbe
app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C66A 		0
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.galaxpay.com.br/cdn-cgi/challenge-platform/h/g/jsd/r/8259e894bf834dbe
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Nov 2023 20:54:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VMwQHVDk98ycvBbnoTGqhNwWYIeHGaw3IJLGwg2PeRU7Mzzj3GDY%2BCw%2Fc6DV7zHeoJ%2FT678gGW2WHS1Ur2cyPNEiiRddgylDRAgqiZEAROJmUcsAqAiSYr82keQL5EC1RKa11tq6zPlg3pgoThC%2BXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8259e8a88e024dbe-FRA
anchor
www.google.com/recaptcha/api2/ Frame 9890 		61 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Requested by
Host: app.galaxpay.com.br
URL: https://app.galaxpay.com.br/_next/static/chunks/1487-cd72cc71b18de13e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3ab731ad043b8d5c1380348d026902d24884c085888677c9144e72b079bd4db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g7pQNJDiYk8oohAaW0uGjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.galaxpay.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g7pQNJDiYk8oohAaW0uGjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 20:54:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 9890 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 19:19:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 9890 		470 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 19:35:41 GMT
truncated
/ Frame 9890 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9890 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9890 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
138244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sun, 19 Nov 2023 06:30:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9890 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
237372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9890 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT&co=aHR0cHM6Ly9hcHAuZ2FsYXhwYXkuY29tLmJyOjQ0Mw..&hl=de&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&badge=bottomright&cb=8vs7iutmrjq0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 20:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 13 Nov 2023 20:54:15 GMT
bframe
www.google.com/recaptcha/api2/ Frame F946 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0eca6ca5a8e73ad9ddbc552f8cbf5f4866458e44c15d047002f9bde6ca57f3ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2vyDVcqA4PERn4fEUy3zmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.galaxpay.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2vyDVcqA4PERn4fEUy3zmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 20:54:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame F946 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 19:19:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame F946 		470 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LcuVWMjAAAAAE2IQ1MXiK1llCV1I-OLAaxUC2rT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 19:35:41 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| html5 object| Modernizr function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E undefined| __MIDDLEWARE_MANIFEST object| __BUILD_MANIFEST object| __SSG_MANIFEST object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_885969

6 Cookies

Domain/Path Name / Value
.galaxpay.com.br/ Name: _hjSessionUser_3178637
Value: eyJpZCI6ImYzNzA3NGNlLTMwNWQtNTBhMy1iNWNiLWI4ZDY4YmE3MTg1MiIsImNyZWF0ZWQiOjE2OTk5MDg4NTQyNzMsImV4aXN0aW5nIjpmYWxzZX0=
.galaxpay.com.br/ Name: _hjFirstSeen
Value: 1
.galaxpay.com.br/ Name: _hjIncludedInSessionSample_3178637
Value: 0
.galaxpay.com.br/ Name: _hjSession_3178637
Value: eyJpZCI6ImUwYTI1NWE3LTc1NTYtNDRlZS05NTVkLTgzZTA1OWNiNDIxNCIsImNyZWF0ZWQiOjE2OTk5MDg4NTQyNzMsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.galaxpay.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.galaxpay.com.br/ Name: cf_clearance
Value: KDnZMPBuG4r4uyMqoNl676NwZ.MdC6XDrRwdaKbI1Pw-1699908855-0-1-67c90492.fbf2e249.30c85b72-0.2.1699908855

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.galaxpay.com.br
app2.prod.cloud.galaxpay.com.br
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.google.com
www.gstatic.com
13.32.27.21
18.161.111.39
18.66.112.79
2606:4700:20::681a:2de
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
0794ff2bd37b937bfe22a729c382bc86d04876c1a25fda4c12659f1009b5006c
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c10a191010c7cd5bfddf9ff433ec539f9608aaf53ef32706908f03c71d3c0b0
0eca6ca5a8e73ad9ddbc552f8cbf5f4866458e44c15d047002f9bde6ca57f3ef
13ffdbcbf91cd98de916e0565ff07304711ad1941f40c5aaebab421570a9110c
14564914a20db4fe7f2b38fdcc74d2075740eedef85eabc8955a9da76dd201d3
14d639a29834594a322b067a50d08f57b5f2d23f7109e9bbee4d416cc72c907e
16f2c140790a2b29ebf422fbcb29293851c9c44bf7977cb274df554c9d17432a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40e782ae7e34974a4181b6d6b444af1f61a4bf64e54c282f642d988366586c4c
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
52c952d50f635e72252320ced48852cd91f18e2cadd8da7729971f59bc53e85a
59f2324eafacac1297eff6c332ca7978423dc2e54d4b30c982dc0d6d120f0d28
5a8b79f0e819a8b35f7d1de690f9ca0a335f98f3bc3133bdfaf32fa39dee0213
5d00764b56a710620b93383660095c3a88094abe926621203d5c4a82614c2ffa
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
632af63926286639f3bf7bd3ece88cf607b20510ea0fb2f1c3f2c2e26884170f
72b7b42dc1fe022438e97d26a6e9e979ba233d5c6760f54843d666392a73d05b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
85366dda67f82f874bb4ee6562bdae1b00db3ab1bb614f025a5ce9b725a5ef28
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
a8551847cb39a5f96b8d6f761979ce9f474e40cb77debe474fcfda922cf9ce82
aa9a3ce69866dfa2aeada44d3653ce766703774a1d2c59823604d4303bace23e
bae13b7c9fa7a0d2887bc3ac2411273d5b7ef4b0742f501c90dfb483f8468926
bbd975b2c8ac04c62f7c65e5e7cc62c0cba3f310db4f70cbe9618337d0bed93c
bc72ad7c14c0bf01767f93abec5df739704e9d7d1fc37124b61d65d88bc0aa27
c1d951c81ba8746fce0241cbdad4d1b680a7fe73d2b352f9338db37c3d11cae9
cb554f940efe7873f926e953e27e6462637f065696ed0824210a29a8ed3c088f
cd5a68bc24e7ac71500d7b5a0fedbadf9a4b28b61d1ea8e0c79dc310743454dd
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d80b30a33d9cdec7a5a8a1f12aafc5bca5b00110c38890052700d2ca8e4ee99c
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fad5e7ecaa12156d36e3ecc9a4973c87fcc10e43bc255f13766aa92e6aa95e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ab731ad043b8d5c1380348d026902d24884c085888677c9144e72b079bd4db