dashboard.sezzle.com Open in urlscan Pro
2600:9000:223f:fa00:5:2c64:75c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://szzl.io/ucmu9d
Effective URL:
https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Submission: On March 21 via manual (March 21st 2024, 3:15:52 pm UTC) from US — Scanned from DE

Summary HTTP 260 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 260 HTTP transactions. The main IP is 2600:9000:223f:fa00:5:2c64:75c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com. The Cisco Umbrella rank of the primary domain is 923870.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 24th 2023. Valid for: a year.

This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	44.240.246.125 44.240.246.125	16509 (AMAZON-02) (AMAZON-02)
161	2600:9000:223... 2600:9000:223f:fa00:5:2c64:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:275... 2600:9000:275b:a800:1a:9a9d:1e00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e4:... 2606:4700:e4::ac40:a31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
260	23

20 44.240.246.125 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-246-125.us-west-2.compute.amazonaws.com

szzl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

161 2600:9000:223f:fa00:5:2c64:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dashboard.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275b:a800:1a:9a9d:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a31d (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sezzle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o215203.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
183	sezzle.com dashboard.sezzle.com — Cisco Umbrella Rank: 923870 media.sezzle.com — Cisco Umbrella Rank: 46017 api.sezzle.com — Cisco Umbrella Rank: 297683 geoip.sezzle.com — Cisco Umbrella Rank: 571709	2 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	724 KB
9	google.com www.google.com — Cisco Umbrella Rank: 5	92 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3546 ekr.zdassets.com — Cisco Umbrella Rank: 4262	216 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 3894 rs.fullstory.com — Cisco Umbrella Rank: 3744	281 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3290 ka-p.fontawesome.com — Cisco Umbrella Rank: 5657	146 KB
5	zendesk.com sezzle.zendesk.com — Cisco Umbrella Rank: 448170	1017 B
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 5259 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 408	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	380 KB
4	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 12889	93 KB
2	sentry.io o215203.ingest.sentry.io — Cisco Umbrella Rank: 755384	397 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	408 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 6145	14 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 6472	12 KB
1	rokt.com apps.rokt.com — Cisco Umbrella Rank: 10163	19 KB
1	szzl.io 1 redirects szzl.io	802 B
0	google.de Failed www.google.de Failed
260	18

	Domain	Requested by
161	dashboard.sezzle.com	dashboard.sezzle.com
18	api.sezzle.com	dashboard.sezzle.com api.sezzle.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	dashboard.sezzle.com www.gstatic.com www.google.com
8	static.zdassets.com	dashboard.sezzle.com static.zdassets.com
5	fonts.gstatic.com	www.google.com
5	edge.fullstory.com	dashboard.sezzle.com edge.fullstory.com
5	sezzle.zendesk.com	static.zdassets.com
5	ka-p.fontawesome.com	kit.fontawesome.com
4	www.googletagmanager.com	dashboard.sezzle.com www.googletagmanager.com
4	fonts.cdnfonts.com	dashboard.sezzle.com fonts.cdnfonts.com
3	rs.fullstory.com	dashboard.sezzle.com
3	media.sezzle.com	dashboard.sezzle.com
2	region1.google-analytics.com	www.googletagmanager.com
2	firebaseinstallations.googleapis.com	dashboard.sezzle.com
2	firebase.googleapis.com	dashboard.sezzle.com
2	o215203.ingest.sentry.io	dashboard.sezzle.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	kit.fontawesome.com	dashboard.sezzle.com kit.fontawesome.com
1	geoip.sezzle.com	dashboard.sezzle.com
1	ekr.zdassets.com	static.zdassets.com
1	utt.impactcdn.com	dashboard.sezzle.com
1	websdk.appsflyer.com	dashboard.sezzle.com
1	apps.rokt.com	dashboard.sezzle.com
1	szzl.io	1 redirects
0	www.google.de Failed	dashboard.sezzle.com
260	27

This site contains links to these domains. Also see Links.

Domain
legal.sezzle.com
policies.google.com
sezzle.com

Subject Issuer	Validity	Valid
dashboard.sezzle.com Amazon RSA 2048 M03	`2023-08-24` - `2024-09-22`	a year	crt.sh
media.sezzle.com Amazon RSA 2048 M02	`2023-05-03` - `2024-05-31`	a year	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-14` - `2024-12-20`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sezzle.zendesk.com Cloudflare Inc ECC CA-3	`2023-05-30` - `2024-05-29`	a year	crt.sh
api.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
geoip.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Frame ID: 0B4AC8DC0617B2354ED6FC0610BC7BF7
Requests: 216 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Frame ID: 463B74CC2383652F89EBCCD08298A0AA
Requests: 10 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: F26DC786AAAD8E59DBB116543606C5D5
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 40E2FA634EAEC51BCB4AB7F3B6480F3B
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 7CCFC91EAB59D3DAA2B3A91EBC05C561
Requests: 1 HTTP requests in this frame

Frame: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
Frame ID: BE8AA29E749EE456AF1A564300CA35A5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomleft&cb=kcp86sqj3k5q
Frame ID: EFB549581AF0DC0363C8E997771596A0
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
Frame ID: 41482CF0190653CB46561E3AA5BE050C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sezzle Dashboard: Welcome

Page URL History Show full URLs

https://szzl.io/ucmu9d HTTP 307
https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

260
Requests

99 %
HTTPS

68 %
IPv6

18
Domains

27
Subdomains

23
IPs

4
Countries

4454 kB
Transfer

10404 kB
Size

17
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.sezzle.com/user/en-us/
Title: Sezzle User Agreement

Search URL Search Domain Scan URL

URL: https://legal.sezzle.com/privacy/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://sezzle.com/
Title: ©2024 Sezzle Inc.

Search URL Search Domain Scan URL

URL: https://sezzle.com/contact-us/shopper-support
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://szzl.io/ucmu9d HTTP 307
https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

260 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request purchase-request Show response
dashboard.sezzle.com/customer/
Redirect Chain

https://szzl.io/ucmu9d
https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

7 KB
5 KB

711ms
646ms

Document
text/html

2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b715459e361d5cdd5e1e68473c937b327ac9e51ecff386c4ce6b718f7dd17d33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600,public
content-encoding: gzip
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:15:44 GMT
etag: W/"sano8t5a3"
last-modified: Wed, 20 Mar 2024 16:53:17 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: 8RxQEMvcnQOW-v9ym9bPFsYo3B-JNBcEyxHhM6Rs5Ul-11-xxjCzRg==
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sezzleinc-test: test header
x-xss-protection: 1; mode=block;

Redirect headers

content-length: 120
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 15:15:43 GMT
location: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 sezzle-legacy-5.3.5.css
media.sezzle.com/style-guide/css/ 120 KB
22 KB 86ms
23ms Stylesheet
text/css 2600:9000:275b:a800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sezzle.com/style-guide/css/sezzle-legacy-5.3.5.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:02:34 GMT
content-encoding: gzip
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 43990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 15:07:41 GMT
server
etag: W/"eede49ea943b0bc51703fd902fcaec8a"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: NQtwFJXPXRhc8CS9sBiPSl5Skyq4UcD9cu0t9DFdlgg94-d2-m9mQw==

GET
H2 200 satoshi
fonts.cdnfonts.com/css/ 2 KB
744 B 95ms
39ms Stylesheet
text/css 2606:4700:e4::ac40:a31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/satoshi
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676476
cf-polished: origSize=1959
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Mar 2024 19:21:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mN7irq52aeg5Iwp%2FLpwAeIGx8SYQKruhu4gHyL%2FroQDMGDcCQlC3WHcr1N5fL21lDrbuLf0Q6l%2BLwHKwGIEKOwKP8JYm38sp%2B1ptTzgqjczfvSLUyjbvWU2ZX0znUcYfqTpbQOGGjk6N8mxK0au%2F%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 867ee6297c593832-FRA

GET
H2 200 launcher.js Show response
apps.rokt.com/wsdk/integrations/ 77 KB
19 KB 121ms
35ms Script
application/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/launcher.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8fad2a1f305f46c7b9ff3931a65b3daee9a75f1ec60798d28784a695039c4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: SBKR9BPTECF5RDPY
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18891
x-amz-id-2: 43fATAZqIq+MW5MbkNRTzTkNMXxykwIQtjx5KSpjUCJKLE6li+YvDp6griGzHlXdxQoVkkg0iMo=
last-modified: Tue, 19 Mar 2024 04:28:51 GMT
server: AmazonS3
etag: "12b3367d407d21256f66ace6864d1ae1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 e6012efc1e.js Show response
kit.fontawesome.com/ 12 KB
5 KB 489ms
438ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 867ee6299e409766-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F76fVYwycZq2I6LZTL3h

GET
H2 200 50e6403231e2149971eb.js Show response
dashboard.sezzle.com/customer/ 10 KB
8 KB 729ms
724ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

25880f9d5ac05faa1077b4f6b2461cfdcab43b57145961e8f551f2c6c699da22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XZwii0BXTemw.TVgnhbkHOY.PXanpwRa
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"beba5d39c88ec9606e67320492102d66"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: t4wHbvAEQgTx85BWFnPfCDwZQOTfUwj5017U6YHYzjYM8ZwhvwEGVA==

GET
H2 200 1a256f2d971cdf513dde.js Show response
dashboard.sezzle.com/customer/ 121 KB
56 KB 716ms
711ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BKP7CpdNpTt4WM2PrKsOyTtqNfM.eZ_P
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:16 GMT
etag: W/"ce951a0b55d48e8e50b8f44e2b3548b6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: aD9h6L1fHdIU6Klb1DRjdS0lUWpphX4mlYCSrh2zAHGS75IgMkhxeQ==

GET
H2 200 5f2ac3972abfbd68e212.js Show response
dashboard.sezzle.com/customer/ 44 KB
15 KB 741ms
736ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5f2ac3972abfbd68e212.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: YVIL48govz1K1uwkLCIzQmEWW6cPYoJ0
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"851ab23630c047782f7829decc162c01"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: krkQPGhu8tQwLH3e3yQ2Pkveur0pOTKhcg1tGB0rRCNYF9uiNliubg==

GET
H2 200 43b66ae0e58e97f5166c.js Show response
dashboard.sezzle.com/customer/ 66 KB
22 KB 790ms
786ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/43b66ae0e58e97f5166c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tKDbfqU8qKoLXBkqr4DjlIsKCwOa8LZR
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"05e3c200baafd8f7ce776ff3d328d226"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RCJs6ne2QTbyrEn-GJ61s1ICbPkX9TXzhU0_fqZzkv0vdgbQTImNDw==

GET
H2 200 38cd1e2ca48fbd36dcee.js Show response
dashboard.sezzle.com/customer/ 37 KB
13 KB 723ms
718ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/38cd1e2ca48fbd36dcee.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d28ea32e0e9d777f0bc8456a52c0d14390608e0aa690e1da69a9c4d2fe219754

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rW2HOZo3WpXVefoL0gLLNYq2wHkm8l7d
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"f270eb84e1830dd804fc5f0c73d02e3a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gWTddgwV-QmzFaIvbRgOTxXwGp9iSF3XttIxf3zv3MXDzghKLd_wNg==

GET
H2 200 7670b28a567a649a3bce.js Show response
dashboard.sezzle.com/customer/ 169 KB
55 KB 743ms
739ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7670b28a567a649a3bce.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d9702cb4e015be963406e31675f1dfe630461575ebd82dcfa764a875010a3019

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yRZ6cglt_T43lOU.lmuYPdejnLjcvmbN
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"ee5b231aa8a132c22a327078fb52ff05"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: v8-WAmQG_8ywXHZqmYnZIYFQIMR-dXLtOC35xKfLQ_ke7PQQl0TVwQ==

GET
H2 200 e02d3d5a53be08d3964e.js Show response
dashboard.sezzle.com/customer/ 30 KB
16 KB 734ms
730ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e02d3d5a53be08d3964e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: HF6c5azbHCKK89sHr8MiQjyC9.uDI6rs
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"695895a7f31ff3beb7d8f1925bdb882a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: XHFr0rvVyFixIo5iWDl_Xh7cfy-IqFYXxfrr27YX_hKNja_7Zgy03Q==

GET
H2 200 be3a9a570e455b866bd5.js Show response
dashboard.sezzle.com/customer/ 13 KB
6 KB 729ms
725ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be3a9a570e455b866bd5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zWj1CNVAd0p0nHif46VwGByG0ZXCUv1m
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"e622c88365d8fa13ade95e934bf9738e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: yva1GS-1I_kLKKhOLa0GI175TVmoVlrLtW3Rx9ZSst6IxPc_WsAKYw==

GET
H2 200 c0bec519dabc8742bd4f.js Show response
dashboard.sezzle.com/customer/ 14 KB
8 KB 747ms
743ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c0bec519dabc8742bd4f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9x.JFckfbSsFJnxRHYwFHijbTA7S4uoJ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"ff4e9b15c2aebd913ef9967f8e5c58a3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1_ul-WxaIrf2JLREbaHts8M0b20_iDu_rAIEFBqzXLTMxxy0VE3FJQ==

GET
H2 200 269f6ffb02ae81790952.js Show response
dashboard.sezzle.com/customer/ 58 KB
20 KB 725ms
721ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: I_6R9vdeViwu.xi_37qzdJrtQ7YGtXLn
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"b896b0503f2af94aeef289aeeb816a23"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: eSBKuSSePrqX3kdhONjS3pLDv0DrqXC7_4rVwuCINSp0MhHUyWTSlg==

GET
H2 200 ef8efec8169f7dbef07c.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 939ms
935ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ef8efec8169f7dbef07c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

96987d15cdaed054d226578136f46cd4e6f2c0fe70f360a77ebc1821c4b796a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aV1DmucyY4fFkKu03ZrdJtjZHwx51tIk
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"d62139fd1b5bfd1356d4044d4ab0a0e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RibfynyiAWFot9WgIT8E45WPGdhGc5H_h-d2ltCIgHObcRC3IFqXZQ==

GET
H2 200 1f21e1d5495b0d2fbb0d.js Show response
dashboard.sezzle.com/customer/ 49 KB
23 KB 811ms
807ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f21e1d5495b0d2fbb0d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MqsbhaW.a8rKQrH74zN.yn0XEQg8wpKc
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:16 GMT
etag: W/"e1ad74a558591ec6da2f48ebaec8619c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IfWUd2_9fmrd_mGutJ4kqFMe-yn5Zqy_24SPXM-S0zOE-SS_4ZJo7w==

GET
H2 200 dba21c409767f4c222d0.js Show response
dashboard.sezzle.com/customer/ 15 KB
9 KB 941ms
938ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dba21c409767f4c222d0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9gw1b51O1lbBKU0UoENWZOEzZ.kOe89_
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"71a283f0bd09929420eb42c943d2aee0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: L-hhbF0zZFs4x36PNHJs3a1QQi49JiSEJkBUgGyKO4ngjTQC8KJlSg==

GET
H2 200 d34ed654a54c7f7c2879.js Show response
dashboard.sezzle.com/customer/ 45 KB
20 KB 935ms
931ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d34ed654a54c7f7c2879.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aw8gHZZHPnwy7VDPt693NuqwlDXi33XM
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"372139d2b2cf8f6907452a839ce3ce7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xZwTy4wOKfCwE4w533t39XMyIKWl8JG1OCq97qdFr2kB3TzPewgNAA==

GET
H2 200 cf61b0190262999540fc.js Show response
dashboard.sezzle.com/customer/ 32 KB
15 KB 492ms
488ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cf61b0190262999540fc.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ot2jELfsBEbQRuyFGdAHsRiKfMLeIrcf
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"3ef2bebf8f0a6c92cf04e08f9be94d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lAdzazYYR_PRqL0tMtQRS3ICHsPigV6sjwqR5SFsM4TV2knrYD3srQ==

GET
H2 200 294199fb500e225f76d1.js Show response
dashboard.sezzle.com/customer/ 26 KB
13 KB 949ms
946ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/294199fb500e225f76d1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: bYB_FVQpCiE1ePmYwFfc8XUmchvAOpqC
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"c30a3cad191b1adab2709c5df908b663"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7bg6Qxv66ybVpc1RSDkW3G9sKVUdup4HuVG3tjhgou9qBqXzzDoa-Q==

GET
H2 200 ba48324d348fdfd3de19.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 821ms
818ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ba48324d348fdfd3de19.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RJC32GUzd8J.zpKzN5NoUg6DXdxPzvhv
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"8246c443fd9c0ef91e582d500b6a2073"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 68JT9Bcm0Sm4YIUMs2azHbusRJ1QhAMpVvuypmPm5g_DYEqOWTBCsw==

GET
H2 200 20b8c23fb6af2dd22732.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 804ms
801ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lwBat9hQKL9FXzf.KQhyyh6RxO0auUkM
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"d3457e3bb1fbbee2ae7c7fb50e75a2f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5_Yp_chBow33gtgqlibvENwP0i6NaDYd5vRo_mzsVrjjTb5eIdoMUA==

GET
H2 200 16c09ace82ff2dfc6fec.js Show response
dashboard.sezzle.com/customer/ 54 KB
21 KB 620ms
617ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/16c09ace82ff2dfc6fec.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _7GzFb_wprHnHN387HJj9j0Wu5Q0AeWH
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:15 GMT
etag: W/"9b95e5a5bdc30a0d8170ec5d7a544ba4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _wzNKmI8RKsibFq7ny-7nztZeXkVPcZ9HHcVbwe-ARWF1ejm3l4UsQ==

GET
H2 200 0389a4b03c47f4feff45.js Show response
dashboard.sezzle.com/customer/ 56 KB
23 KB 858ms
855ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0389a4b03c47f4feff45.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ae9cd769e2f50446024af16f13ade6601193ae6a48ed1c7d67e94f566af1de5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lGF8p8hmD9UPwCta5tpLUn14gvmra3Ng
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"a7a711556fbd27bdf3a35852e44a38a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: edoHiaf3w4VjdFFLmevkO-6VVck9GTWc_1hLUwfHA-JEPc6hOfNG5Q==

GET
H2 200 71b702d49c2543430041.js Show response
dashboard.sezzle.com/customer/ 95 KB
35 KB 791ms
788ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/71b702d49c2543430041.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: jb2iARVQx3nm291Gn.gzwMTLBiscU_S4
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"722d15a0ce497fdd562a3e13734b1204"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Xf42W9lli8FWWbz0Iz_done0b4hW15VeahXQO7y4PaIGdlQX-77AnA==

GET
H2 200 5996d3e883a29e8c4b40.js Show response
dashboard.sezzle.com/customer/ 54 KB
22 KB 751ms
748ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5996d3e883a29e8c4b40.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zFpgcybb1gtAMOu9iRO_5siZMvVVfCfL
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"1168ace9b755fdaa31bee8fa950c8422"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ew27ZsjfXiZAlYcxbIapzTogn2hrGKRf4bpxmHWwfZWc7r4m6Et6xQ==

GET
H2 200 7de6f906968d01481560.js Show response
dashboard.sezzle.com/customer/ 36 KB
14 KB 928ms
926ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7de6f906968d01481560.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ujbx9IEDFgVJfVyc2YuwN216p5wUIDXY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"5cebdcfb449473308d6f20cd34547d2e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: cjaAugX-JXSwtje0JZi0loUcU9RGbnHMbfzO5wf6qasBQ6nK8zG7LA==

GET
H2 200 61579f7936eb81e43928.js Show response
dashboard.sezzle.com/customer/ 16 KB
9 KB 933ms
930ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/61579f7936eb81e43928.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AJBTek6HE.RjGQwDTdq7PsMbE8v9LVe.
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:22 GMT
etag: W/"2263b54c2a6f363537fc3062ae60d537"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: c88ShYpRdAmFMMqBCJ2uaVYIUsmoQyHT4TguOcbsFVcqc9VDxaCmLg==

GET
H2 200 d179d030bcec3ad1bc79.js Show response
dashboard.sezzle.com/customer/ 42 KB
16 KB 920ms
917ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d179d030bcec3ad1bc79.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sUtBJ1dSuywl8LmSkrPZIKRABNHRosO2
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"38d0002465c17efa1cd33cd87389c560"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bDMxD3wMGoT71BjSuh8fZtDZA3GYa2XPIp1fmMBmtYvrA3wvIDtqfQ==

GET
H2 200 84508b0119db4b8d89d8.js Show response
dashboard.sezzle.com/customer/ 16 KB
8 KB 951ms
948ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/84508b0119db4b8d89d8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: I_qc4dEoIaFiaXROzh7sfAdCU6DYoBaL
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"4ad5d7ff4221ec1e4ca63535a6b2861e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ff8f3Vqdg5a5mj_smU2s5W6fkpDvwJxcvZzBHRgmr7hp4rPz5TnRQw==

GET
H2 200 bc6c40607186b8123b82.js Show response
dashboard.sezzle.com/customer/ 41 KB
18 KB 819ms
817ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bc6c40607186b8123b82.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dpAM4Vmrir_CtiG783g.sPgl8BZPR1Or
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"e9df12476a87375f0aee34c45d92b89e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HrumrKV9E2T-nA4OqbIFbrLAqNNpBIjg8Qq4VdqO4rwmhl6CQVoNDg==

GET
H2 200 aba9eafb2237225c0091.js Show response
dashboard.sezzle.com/customer/ 21 KB
10 KB 815ms
813ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/aba9eafb2237225c0091.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wEFGtTebS9kP097WturErLMEOhc5Y9XS
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"69e7e26cd161eaa61d2cbf7533fb3795"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: la9VLhvVu9o-JNcxe7JWWKRMTzV6HGSstpj-gs3gnr5UbG0Bco1e1A==

GET
H2 200 328af461014385e1d630.js Show response
dashboard.sezzle.com/customer/ 116 KB
47 KB 590ms
588ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/328af461014385e1d630.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 97DvJZFwpq3fyGx19Kw1P2qRxnRFeUSU
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"3e82368cce7f44c2deb21dae9eca8110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: PAMxFp-EfmVK9r1DCe6aVX8y1oPK-5u2I9uH-8ExqoMtv15ijvNcJw==

GET
H2 200 f49abfd21510e98e3b38.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 877ms
875ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f49abfd21510e98e3b38.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: SEF2ppZDgs2rlEwOH48MB..4uCUiwIaI
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"730b1a2493c00d17667ea85a514e2c30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7pxVe1BpTgCSWpINDJ8gzaH5yKwkwyA-lbO-pH1IfP7LsqlAzhsGYA==

GET
H2 200 4194987c16fe56cf15b0.js Show response
dashboard.sezzle.com/customer/ 32 KB
17 KB 1072ms
1070ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 1DpoFf_OeGLDnr9J6F.bDDMhptjWByXY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"0bd91b5148ec59c9333e41278a4e9d2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3vwM5upr7kvHnuQCp02dDBk-r_MJjrtxMDicJ8z9GUb2AhekJ1fJQA==

GET
H2 200 0c0b11036ab99da64633.js Show response
dashboard.sezzle.com/customer/ 18 KB
9 KB 848ms
846ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rEXDsCR.6HUaz31WQt7i1A5ks7msgM18
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"47fa2fb58d7588410598540acbcacb55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: oH2ObwXYUCyIDlkN-PzbaksTM8P3xXCanWn0cXjgAbNIRxwNVCvZmA==

GET
H2 200 3964e75922de7d163aa6.js Show response
dashboard.sezzle.com/customer/ 51 KB
22 KB 796ms
794ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3964e75922de7d163aa6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: s9_LDVjYUf5rBwfVFan72.qKA.J8QQzz
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"1d1e68a5d66ada9f8becb9866ed46447"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sUMe4uHlKEgEaEyB7Gznr8da1FYvS9sPopotLf2eFA9-2OKNfKRcvQ==

GET
H2 200 6764fe5af3546fce4b6d.js Show response
dashboard.sezzle.com/customer/ 75 KB
31 KB 780ms
778ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6764fe5af3546fce4b6d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: HtgtJ50YGFQXZ4Eaop914d28.OCmcjhA
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"6ebcc518518edc21122366a6670813ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VQPGADaSp2IHU8JV4RKEnK-po3AntIJ8U0USP9OPUtEtneiYTmU4Sg==

GET
H2 200 7e67d1d3607959690b91.js Show response
dashboard.sezzle.com/customer/ 139 KB
45 KB 784ms
783ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7e67d1d3607959690b91.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3379de048a26fad0cf1ab0f7000cc6181a7f97ea122fa1dac08c51eb34c56f15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: VK_Y7qswRxExEZVsI2RCxHdxpQjt7euo
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"3ce5232771be2f9eb2af273c8de4bf28"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Z5L8dwYW7sQvBs4EUN1WN6x-pbu4eprz_SejG2xkCdfRjoFWjOp1OQ==

GET
H2 200 0e9757d9ff6b94c34dde.js Show response
dashboard.sezzle.com/customer/ 34 KB
17 KB 612ms
610ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0e9757d9ff6b94c34dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: gsoodkE3z6Kh1Vj1AQ6uKJQatEosnOxG
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"006fd4bb37401463eef8eacf9d8c0776"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gyjUPBFIj6uMYSTcP3SmWEoh9lXVXLBswvVGuakKifMCMVA0JLrUvw==

GET
H2 200 59ae3805c625c3f8728e.js Show response
dashboard.sezzle.com/customer/ 124 KB
35 KB 882ms
880ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/59ae3805c625c3f8728e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dbdc4f5b177623abbaf83544440a8811217569c988d7c153750bb36adb0c13f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: GjWKBpr1lDGWBHaalCO8cNjs_cfVS4er
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"efefc7ac2a1437229a65e94c59c168b5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fOW0xBFHY0qN8h4c16VS0de_9fnBbP76hdNSK-ymvo0FxRPluVXLPA==

GET
H2 200 9879d1a9b3fccdbf8197.js Show response
dashboard.sezzle.com/customer/ 219 KB
61 KB 810ms
808ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9879d1a9b3fccdbf8197.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6bda657bfe15f4819230d93d20f4f44d657e0dd681b0ac14c12ec6f654ef06ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Xi.4FI0q.nTOg3.hau3hOTLNFKDcEn6D
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"78d8fdd9047838ba6e12a3fa4dbecd94"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VpiNQDTFFiVhEOPYgTJQ1RHJ65O7xqHM0eCy43aNLtkA3Bok91t7pw==

GET
H2 200 3166a49e08d388802b5e.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 746ms
745ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3166a49e08d388802b5e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NowWz4CmbC.9vifxQJIQDqiYay0YTesN
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:44 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"451635eba560a4f045ac3961ed1d5d8f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: f3p1bgtqbhyEfLLTFHpopve0TncAQ8BEBCabm0a5_OsCDKrI-6jLjQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 91ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CYEYQJYMT4QZ3T8W
age: 31
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmG1Pr5J6%2FzMI9fr77zIsVeI28P0aCeU68QOZ7%2FYt7usXozOXd74oViPGkLaJvBrArJfStvNVtuEBRMgvAUnZ6qUn0JucywzMKnNTtaNPd7mSutADfc7e%2F2NGbrEcPwbYBeZwII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 867ee629ab0a2c57-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 136ms
41ms Script
application/javascript 2a02:26f0:3500:11::215:14ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 15:15:44 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBFDHXY2BG0X743
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2674
Accept-Ranges: bytes
X-DataStream-Cache-Status: 2
Expires: Thu, 21 Mar 2024 16:00:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 326 KB
103 KB 93ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba296ecf0ce60b92d316c06e1a10bd052ede53d60d1e6d2fdce42c3cc75d84ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104838
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 15:15:44 GMT

GET
H2 200 A4960984-1d8a-4877-8732-da02a6e830751.js Show response
utt.impactcdn.com/ 33 KB
14 KB 163ms
112ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e292a33b33a227a81e36a4703db693c3ead0eb43541961df7222931a2c63d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:11:49 GMT
content-encoding: gzip
age: 235
x-guploader-uploadid: ABPtcPqwLC1WEeGqcM1MXZ53ki8mBxAWWWDmbt3W2Z0FvQmBDvsjbHm3dcrp3vozUnB2aq1IE_iYsGwV5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13439
last-modified: Wed, 13 Mar 2024 17:25:21 GMT
server: UploadServer
etag: "2490cfaaa1a1fdabaf0591ef7215cccf"
vary: Accept-Encoding
x-goog-generation: 1710350721310803
x-goog-hash: crc32c=OuxJSw==, md5=JJDPqqGh/auvBZHvchXMzw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13439
accept-ranges: bytes
expires: Thu, 21 Mar 2024 15:16:49 GMT

GET
H2 200 f5e28690-e3b9-4eab-8d64-51d4051e7e96 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 712ms
652ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ea420203ff652213a1f2990d3af4d88982f6362c3b13519d7e0dd64289c52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 866c6e4a38368deb-SEA, 866c6e4a38368deb-SEA
x-runtime: 0.005511
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b3ea420203ff652213a1f2990d3af4d8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJCrRs%2FWt7Su9zoCWEgaw91vL6iX4h7unq0yXKrXi%2FAUM7Easb41B2PQz2QQmKQWF9MEKixoLyd6yMJRTn4lFYNZtu6F0faymGl8GbaAzTi2XPsfHS8v95nTmv0JIKR%2FM1I%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 867ee62a3b224d59-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
97 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bf444e066018f0f9009daa2d787d31859ba6540cfdadeeb9efd1f5a525678d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:15:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
97 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b83fe55d84be2f70a7a00944a676298cba1abd39c19a46941cd62652559e789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:15:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 13:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Mar 2024 15:48:08 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 86ms
29ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1MJLY6RLKW&cid=91007886.1711034144&gtm=45je43k0v886187776z8810595113za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 28ms
27ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=656357967&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&dp=%2Fcustomer%2Fpurchase-request&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=608049517&gjid=376946987&cid=91007886.1711034144&tid=UA-72079130-32&_gid=1058210389.1711034144&_r=1&_slc=1&gtm=45He43k0n81MX2HJWMv810595113za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=147984673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 32ms
30ms XHR
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72079130-32&cid=91007886.1711034144&jid=608049517&gjid=376946987&_gid=1058210389.1711034144&npa=1&_u=YADAAEAAAAAAACAAI~&z=473553245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Mar 2024 15:15:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 96ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=91007886.1711034144&jid=608049517&npa=1&_u=YADAAEAAAAAAACAAI~&z=684689477

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 40ms
39ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 189373
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 867ee62c59759766-FRA
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 34ms
34ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 675070
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 867ee62c59729766-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 36ms
35ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 685383
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 867ee62c59709766-FRA
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 37ms
36ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 675070
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 867ee62c59769766-FRA
content-length: 1733

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/e6012efc1e/81665541/ 0
124 B 38ms
38ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e/81665541/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:44 GMT
cf-cache-status: HIT
age: 685384
content-length: 0
x-request-id: F7xhIt3ErYOx8-T2f-ch
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 867ee62c596c9766-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 web-widget-main-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 436 KB
139 KB 57ms
56ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de43612db6bcfd8eab627648039b3ccbbb87139c713ba3e1cac36910326b7809

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: 4.rZqSB9Bnekak_ynV4ewUazXc1fWmXm
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C47T8PXVE9R9DRX
age: 193738
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 7mzcBVRt+E6klwZ9YXkghG2orCx8ZcvwViDraDn9pB3Wr/y5rmz80Akfc3Z5m3jpBmodZ5wUpxKzwSHi8nQH4Q==
last-modified: Thu, 07 Mar 2024 14:21:03 GMT
server: cloudflare
etag: W/"44c50613f509b1611590bc307ac44026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68MTBYAAlGIRSR4nVmJngS%2FWjjiReLMUH9LeEPs12vnAq6V8L4n7RI2ywUVCL3xOgNsn%2Bk0EKmhJuVEjIq%2BK3xkfGER%2BoEZP7spe8gfSbd4%2BoPFJaJZUJ3ROeMRmtZJ3zV%2Bm9dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62e5ef42c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:02 GMT

GET
H2 200 en-us-json-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 463B 18 KB
4 KB 35ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: xU.UJKzvZAqxA35vi.bk7FLTZqJ2s5L2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4E58BEC93H7WZ9
age: 193737
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: z/F8ZTLS80HA6Hq25QDvDtjufL/sG+cd4iflItaLmSIyxxpzLYs162c5WlYUi56oZTKULLKqyjw=
last-modified: Thu, 07 Mar 2024 14:21:04 GMT
server: cloudflare
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHrZckwmXXnZXY%2FM5J7FkfarayYRKfYM0IHMS46NAkMRlWKWF6INFiVsceV3ZIUIIrweZQFlQ8h3yJtBMOfIkDrWRsX4o4WlLKT8qtXZYiM70gN4993n4q32XTNwuivCnLBMH%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fb62c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:03 GMT

GET
H2 200 web-widget-84852-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 139 KB
47 KB 44ms
44ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: veYbcIGkqYtP1iMqRwAf.V2ZbkNLzcZg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4D8ED08P4G1NWF
age: 193738
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: BnWPc/u8fi/XsHls05iLas2D5j+MAS45uGU6Xkgm1xpD+kYubnun2nwWLPG+1nmBMvVk42IRY/g=
last-modified: Thu, 07 Mar 2024 14:21:01 GMT
server: cloudflare
etag: W/"d19f02a4d0c4a8500e3d2de6c4f5e6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeuL4OR9J7JO3HejEFSt16iaVRrfH1B%2FgPcyKdkbK4yHo06QuT%2Bl0N3B87O%2BOAhhCj3UcWkl2SnuyvlJwO6Ay3wH2GEKdsQ4QAFGlafcvAItZwVSiiYtfLoYwc1PDqM2rAM2Mqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fb82c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:00 GMT

GET
H2 200 web-widget-1327-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 18 KB
6 KB 41ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: rTXD.80HkRIC6hvw9IsRXl951LUj5fJ2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C45Z1EVXCYE3CN5
age: 193738
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Un+ULqzT4bJ4rxMYjM6cDHGcrpUJhTCF2gQrunScAp9FfBO/tpRAAbdpHc2pTxgiOByaY/dNZvR5Kwp6nKvslw==
last-modified: Thu, 07 Mar 2024 14:20:55 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJ0nHGtJNFFv2%2FY9qVkEhXcMzkWwb7EVdhD14ktSmMiFb48pqCNx0%2B5SAYS1GPP5Dwao0DO665Q7CqXhWVh2ogwHUhkJyoVGSx2CCd6EMZYxL3ndJ1UsK%2Fhl7V5IT02hPjx2rrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fb92c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:54 GMT

GET
H2 200 web-widget-92795-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 14 KB
4 KB 37ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: Iwp9HreJBQqvZOXyJGAXGMfxFZFvCIEV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4060NMTD2190GD
age: 191097
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 2hfXqIanIz6t/dyvlNkmvr9kaCogDGYihetUsTPbkG4G4XRPaj59Ik4FPZRgTpBYxbZkoC5QtVlSarO1oTGo4Q==
last-modified: Thu, 07 Mar 2024 14:21:02 GMT
server: cloudflare
etag: W/"0ddb1019371eba2e87775cd507d5bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRFVvUflXufnyJ9ikU%2B1teQfyIycBs%2BCrHAZwxi81JO9x77G1lfldT5YvIWlnObIsGQjqyxEK1K20h1KsfaoSB875GRX1sJnoZ9FtFrF7ZYlGxbaTMiqUIA89sAR3sEp9CXpwBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fba2c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:01 GMT

GET
H2 200 web-widget-15178-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 12 KB
5 KB 38ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: fNxiDRYswoT9NV6HH.4Ddske2h7ECHym
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C49ASYBY63ZGHVE
age: 37209
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: QToodVMdkCgNrQK8wSipMPK5bKORLJbixAcR/tILLSGNOThRy15MPwa0oguYPde5TIsrHoL9oxg=
last-modified: Thu, 07 Mar 2024 14:20:55 GMT
server: cloudflare
etag: W/"db77198393a490e11834f06f319204f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yC5US1U8B5BZmTXlfvatjml8%2BghVqeIdtw7vT%2FGZSwkazHEcaItuYOGea9MCj1yy%2FD75xTgo4v1ndP4iA037cEoVEmFS4aDT3nzRTkLPJYz0DzxAlro4tXRp8MnHMvgOO9qn5%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fbc2c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:54 GMT

GET
H2 200 web-widget-59535-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 463B 15 KB
6 KB 39ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
x-amz-version-id: r1saJi2ugifESncYW572Ey.judSGBY3V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C47YRG8DKV54X71
age: 193738
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lsFVx5IV8+iPleJTeYcAM59MWL/iZmoxLrOLPvnNK0mSj/ADHcglHsCxfFuEBmB3Bnw7U8gsJoA=
last-modified: Thu, 07 Mar 2024 14:20:59 GMT
server: cloudflare
etag: W/"781401f7f5de09fdd2c7e3f9fa812fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5xclMBt8c6fvtX8a4h0OxTlf8vWhCa72fqpKLfrRIVYzNUPVJvYD2RJL9G0IZq%2F6yIP2j8qPAnCLW135Tw5i82RMZPAbzvxcCQweFZdoT5dUYDpiT9G7%2FRGS9m91YK1w8GWbPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867ee62f2fbe2c57-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:58 GMT

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 256ms
191ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 867ee62fdfd01d94-FRA
date: Thu, 21 Mar 2024 15:15:45 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJ%2BN2bLg%2BNz0%2FYwRBedga7dlS96nFWKhrypEwyWda8oEMIODsp%2FSGyOPON3ZUNLmL2s%2FkJIcf1ktW3cP5LmOGD09ICp0Y0i74T567e4sG%2FaoL6dsroTbTaUK0Fho3dfMOR0uVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 867ee62fdfd01d94-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 463B 0
0 246ms
246ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfyUT%2BlmQaHR3sMlUl2HCirgJGYknP1BHUl%2B7coxkUbXqG7x46gRjFB%2BLufyz3%2ByNolUd4%2FanLcLPKMLuhrCXyw1KBm5270WlvA8Y%2FJTfeIQV%2FDE9TyQJIk0kYR1YFGfB%2FKKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 867ee63109391d94-FRA
content-length: 0
x-request-id: 867ee63109391d94-FRA

GET
H2 200 config Show response
sezzle.zendesk.com/embeddable/ Frame 463B 843 B
1017 B 278ms
213ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-74db44fd56-4qzdt
x-cached: MISS
x-request-id: 867ee62fdfce1d94-FRA
x-runtime: 0.001787
last-modified: Thu, 21 Mar 2024 13:43:30 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfBZ8R%2FEp7s4O%2FmN4FdLYqp5P8Po%2FW3yXL8Z0sbwT8VkssOc3OfnuWkO3iPAroa7sGYICVsw3sbLsi%2F%2F4pLq5vfH93GhXaY%2BJD0VVVLIQwoeJ%2Bwk3yjXLX%2BjBRFLWAmeyZGdug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 867ee62fdfce1d94-FRA

OPTIONS
H2 204 create-session
api.sezzle.com/v1/event/ Frame 0
0 607ms
196ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-session Show response
api.sezzle.com/v1/event/ 0
795 B 601ms
211ms XHR
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: e8b49c50-dfb1-4148-918e-ff168d1d14d1
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
70 KB 70ms
23ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:43 GMT
content-encoding: br
age: 3122
x-guploader-uploadid: ABPtcPoiiUXB5LVqvNnZwUgwa-mhp2KFhRavRzDxqTQeDLGWr4i1arqdxrcnhwEVJ4u1Tn4kXEkWyeMJGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70641
last-modified: Tue, 19 Mar 2024 13:20:22 GMT
server: UploadServer
etag: "55abb77d6ef5f32c187228af79a39e07"
vary: Accept-Encoding
x-goog-generation: 1710854422256649
x-goog-hash: crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70641
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 21 Mar 2024 15:23:43 GMT

HEAD
H2 404 version Show response
api.sezzle.com/v3/metrics/ 0
911 B 576ms
198ms XHR
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=3a38d3544a42bc0230f5aeabae6b747479315a58

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/59ae3805c625c3f8728e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 18
x-xss-protection: 1; mode=block;

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 2 B
299 B 84ms
25ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 b00093d2fa1313225ae0.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 706ms
706ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .FaaRk5J6HUPpVKbjDBq.fMZIYolZ_oQ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ycHPxs1-Sulven4jcqDf-XyK2fdx_bkxCiw2DZicL2lY7IHrBCBipg==

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ 345 B
424 B 48ms
47ms Fetch
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ Frame 0
0 106ms
38ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Mar 2024 15:15:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 0a4fc0bcb2c608622ec1.chunk.js Show response
dashboard.sezzle.com/customer/ 213 KB
57 KB 718ms
718ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0a4fc0bcb2c608622ec1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a990b3591cc69ec2acfffc2ede431d55a8419fda4c385cfd114cfef4d03b2c1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Tl0wBQjyXmCDzOqSZttPadamBbpO3bwR
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:46 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"18ff4ed09e1e5bc519ff367df1c6f007"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: DIrk_t9S3HNRhXdA86VdbnmxVOs53Khw8oELNr2Mti-wrgAKeH137w==

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 625 B
679 B 391ms
391ms Fetch
application/json 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e026e20de107ba399c0b6c4e83011096f6496b429cf65c5bfe97ef918b5e2c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtanMtYWxsLWFwcC85LjIzLjAiLCJkYXRlcyI6WyIyMDI0LTAzLTIxIl19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 0
0 102ms
38ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Mar 2024 15:15:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 Satoshi-Regular.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 79ms
34ms Font
font/woff 2606:4700:e4::ac40:a31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 681047
alt-svc: h3=":443"; ma=86400
content-length: 30876
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "789c-5e44d05a18ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYdNIisSEU5OW2DQLV8OXoRL2YtkPb2CHEk855wMBMP1wgj7RkfyvOP%2FVXp7GhyKSNneo51N7lzfhg5CMOo9TCKFLjm2hz%2FzsDk9FbEwuJJQN8%2FbJ1ljhhc2%2B53Tf%2BQr%2BNPNKWO%2FSl9hTx3tMptWWiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 867ee63118785b68-FRA

GET
H2 200 supported-countries Show response
api.sezzle.com/v3/users/ 484 B
1 KB 587ms
198ms XHR
application/json 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-9a88c34334a341c57447c8a180109908
accept-language: de-DE,de;q=0.9
X-SezzleInc-Auth-Resource: dashboard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Trk-ID: e8b49c50-dfb1-4148-918e-ff168d1d14d1

Response headers

date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 supported-countries
api.sezzle.com/v3/users/ Frame 0
0 518ms
197ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 web Show response
edge.fullstory.com/s/settings/13FHV/v1/ 9 KB
2 KB 133ms
131ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/13FHV/v1/web
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0e006ed6ba589e382e7527563de8838cb1701c876643c203ea87305b6b8f6544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpM0MpodUJZUwuizCC_vJL2kbJeb826eZ4yw1f4ubdbnZ2_8S1i_ILTynrYzlE8BszA4YdS3ljPHw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1959
last-modified: Thu, 21 Mar 2024 15:14:10 GMT
server: UploadServer
etag: "9c75d2d6895333b91997599786f9b8ec"
x-goog-generation: 1711034049961595
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=uOe07Q==, md5=nHXS1olTM7kZl1mXhvm47A==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1959
accept-ranges: bytes
expires: Thu, 21 Mar 2024 15:30:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0259b2d8fed6b093abb6612d09dee084d840d68cc1744211e9084a26bc7b147f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 15:15:45 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 10 KB
2 KB 192ms
139ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 315d031821c2c2ce7691f7374e6ee74ad95f6020d3f425ea6ec11b8ab11fe1fb

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Thu, 21 Mar 2024 15:15:45 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 75ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je43k0v874508995za200&_p=1711034144191&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&_fid=d-iENOuUBPDhttiMbJWplm&cid=91007886.1711034144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711034145&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=2943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame F26D 252 KB
69 KB 32ms
32ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:38 GMT
content-encoding: br
age: 3127
x-guploader-uploadid: ABPtcPoWZgDrMM3QDjMq275zYynlyQhD-_MW8nJSFpK9p2WfouY8OH9jPkQcUreZARG2PmdIL0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70641
last-modified: Tue, 19 Mar 2024 13:20:22 GMT
server: UploadServer
etag: "55abb77d6ef5f32c187228af79a39e07"
vary: Accept-Encoding
x-goog-generation: 1710854422256649
x-goog-hash: crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70641
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 21 Mar 2024 15:23:38 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 40E2 252 KB
69 KB 23ms
23ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:38 GMT
content-encoding: br
age: 3127
x-guploader-uploadid: ABPtcPoWZgDrMM3QDjMq275zYynlyQhD-_MW8nJSFpK9p2WfouY8OH9jPkQcUreZARG2PmdIL0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70641
last-modified: Tue, 19 Mar 2024 13:20:22 GMT
server: UploadServer
etag: "55abb77d6ef5f32c187228af79a39e07"
vary: Accept-Encoding
x-goog-generation: 1710854422256649
x-goog-hash: crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70641
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 21 Mar 2024 15:23:38 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 7CCF 252 KB
69 KB 37ms
37ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:38 GMT
content-encoding: br
age: 3127
x-guploader-uploadid: ABPtcPoWZgDrMM3QDjMq275zYynlyQhD-_MW8nJSFpK9p2WfouY8OH9jPkQcUreZARG2PmdIL0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70641
last-modified: Tue, 19 Mar 2024 13:20:22 GMT
server: UploadServer
etag: "55abb77d6ef5f32c187228af79a39e07"
vary: Accept-Encoding
x-goog-generation: 1710854422256649
x-goog-hash: crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70641
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 21 Mar 2024 15:23:38 GMT

POST
H2 200 feature-flags Show response
api.sezzle.com/v2/shopper/remoteconfig/ 332 B
1 KB 206ms
197ms XHR
application/json 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Trk-ID: e8b49c50-dfb1-4148-918e-ff168d1d14d1
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-9a88c34334a341c57447c8a180109908
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 feature-flags
api.sezzle.com/v2/shopper/remoteconfig/ Frame 0
0 197ms
197ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 401 status Show response
api.sezzle.com/v5/shopper/auth/ 24 B
972 B 200ms
200ms XHR
application/json 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Trk-ID: e8b49c50-dfb1-4148-918e-ff168d1d14d1
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-Device-Info: {"model":"","type":"","vendor":""}
X-SezzleInc-Auth-Version: 5.1
X-SezzleInc-FP: v0-a3488c1fdc9c930708ba57625b30685b
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 24
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 status
api.sezzle.com/v5/shopper/auth/ Frame 0
0 197ms
197ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-auth-version,x-sezzleinc-device-info,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 602ms
560ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=75f23c1c-88e0-430e-9bb2-b4faa950b32a&SessionId=5d18db95-2db3-4ca0-889f-b7b3e55716f5&PageId=de4c8325-ed7b-4d29-8edd-fd08980c4935&Seq=1&ClientTime=1711034146870&PageStart=1711034145821&PrevBundleTime=0&LastActivity=706&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 74e67f47b47dd3bb52ca4e75ac0bfc9a5154546afb5f956150c00f0ab818672e

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 b00093d2fa1313225ae0.chunk.js Show response
dashboard.sezzle.com/customer/ 1 KB
3 KB 24ms
24ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .FaaRk5J6HUPpVKbjDBq.fMZIYolZ_oQ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:45 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OimqBa3EffuME062T8R1Z66w-SOUKJW3NYgHrNeqa6TzopdhWDLKgg==

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 195ms
195ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 208ms
207ms XHR
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: e8b49c50-dfb1-4148-918e-ff168d1d14d1
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 client Show response
api.sezzle.com/v1/accertify/browser/ 22 KB
10 KB 206ms
206ms Script
application/javascript 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/client

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/59ae3805c625c3f8728e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:47 GMT
content-encoding: gzip
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront)
x-amz-meta-build-version: 202302_01
x-amz-meta-client-name: Sezzle Inc.
x-content-type-options: nosniff
x-amz-version-id: jAAK0SFQ_qqAud.1QQmzcc7DcvvECa9o
age: 279
x-amz-cf-pop: HIO52-P1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Hit from cloudfront
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-replication-status: REPLICA
x-xss-protection: 1; mode=block;
last-modified: Wed, 05 Apr 2023 23:26:51 GMT
etag: W/"0b3f30d2c5828913f07f37e867212a52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
x-amz-cf-id: YLRQXGWLoytgziz_04-cTjoFYJsKHp79mFZwP6twZP8eDFdFzSAQVQ==

GET
H2 200 6ffb02663b0ab45e554e.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 259ms
257ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JmclyQbBh3AKbqkrqTrtOamVj46RFMuE
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FaRW1Qv25XaNAK98nKC01GkrbOSGUEB5sktFMT1xdY4wnJ84dUAzEg==

GET
H2 200 09bd04621566e437c5b7.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 267ms
265ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sa2k2HqlYnUAsOAejy9QIFfNHBf1OPqY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: r99Xe2NBcbzK86FQyBis1YB8pqRit1mn9Qz-Xj56TmeWJud9Q04a7w==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 265ms
257ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kWMAfnSXAH2pPitOircFvSyftOcYMw56
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jbTLWVmJRLRhpCK7C-t_-1xdwpCBO4WT_aO0iLzom5pIujKvhsJ6KQ==

GET
H2 200 fa3ed811783641bef592.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 266ms
258ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 1E0HQPYNDcB5QZthmgcIiQ9NryS40p12
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1JxhX9fJYXMb193v7vzeh7OL22fjwbkMrIakTVbJibV7c2qc5PH1Sg==

GET
H2 200 af0aa6add0b350681528.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 721ms
713ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rv0znRgSussDIAhVCPveVEgMv78qKi.E
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gSOTyIVBqA0G_3jPihhN1qqmwLq5Ncn7aQAwM3TV4acp9NiXa8FfUQ==

GET
H2 200 e92b753dbaf156b7a9eb.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 268ms
261ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e92b753dbaf156b7a9eb.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: UacLsh_pSjRBdE2cQMR4CtCh7IUmD3.p
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"31d0494963b78e6bf8bc76a1d89ca974"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -sHo7JsHVSTEk1DtaTChNEyR5x4fYouZFNAiL1zP_8BXhVDaSdBY8g==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 263ms
256ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: DwBSW1CPJGI0uSA8SEO.YIgEZ1booxey
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fSYRQcTuQOBviQy6isKWkuZgKAyERgpLxAh8_1aw3BixnEnt7bTa2A==

GET
H2 200 14682bb3c63cae512aec.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 263ms
256ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ClpvuMhdX_TN1BRcZvKgzkHL.3UishB7
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:15 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: NGApSvL7k4IPb-ZSQt_bLPUIvCWj8rqAzpwSalolp-rh6CS1huo8_A==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 274ms
267ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iF1maIz8SUbGdunsFMb4d5NWHsP1CzGF
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: p9qIhUGcNXCmcco-XB7fYmi-pKNLom_KcMl6Lexzpg8RyTcoSImexA==

GET
H2 200 5943a84241d36f5283e3.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 256ms
248ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: uBoGZoioBjcRc.BO4DkyxaQP6f8JxDGC
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _adVYmBMphZ9JzzZ0FsjGLQket2hJx6nveFDLmtgouoMilUYH3CMpQ==

GET
H2 200 dbbca07b740328687038.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 277ms
270ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z0EBZnOO7vILWQ04Rm2bdL4nKdwRpP9i
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RHfpxu-7cSpqF0o4n6znCP6kkODCllNJUCLHChMhZlrDVHWC952BDQ==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 729ms
722ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: isdFeEVPjHBAOndxtwVyqV4dg.Xh90r3
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:22 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZIk-0eXlO2cWTGJSjSr36UdSfojQQlg3Wm6rn1J961EV3TTGYD_F0Q==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 337ms
330ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zNSnYLwErMTcZ3Ytr7SvgRLpJCuoL3gL
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xcfF6rlTKL7TKouNUkL9cdMDTcUCNyeQ8ZfEBNtudJMZWXZ-YiDWEw==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 295ms
288ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _Hq4pYpJvwrkfLLuao2vtLVrihJLZniP
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Fv3bbqAOLdSgS5kOa003YIcwSvsHpSC4alIx2ASL2mupS8DLYYBdYA==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 279ms
273ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 24CLobO_fntNYl339Smg_4fNElQVDJeD
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: djer1MS5_BVIbDMgGGQjf3h15AzzIFETBGVizfMSnSKCEzGyKktrjA==

GET
H2 200 8811832d6a39201bc198.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 755ms
748ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: UieDHTAuYT3F0qH5OUvyLgGav4TLQU96
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -i5W9HXKJJlqFZdsNhqrPjADsWjsEolB_4f5ewq2lNc2DgHnmEbUDg==

GET
H2 200 4760ba3062e72a347205.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 819ms
812ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: o1SBYjltLhN5a56o.RMzP6wGFqtb0uGY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6pBbah-xFkCw65YycP5QxzT5jJkF4THBU7F4MHtdsGb3s3VCMUXhVw==

GET
H2 200 4264c93c1d764c35847d.chunk.js
dashboard.sezzle.com/customer/ 0
15 KB 328ms
322ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: A2VPjGAsk1CElp.1HHZl2_pHjC8IUgpW
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: w4-gRSw3TQ5p9YAr04BnnejKwXwefCNMHA36ZLPgfOUYOUeN3KXPAg==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 738ms
732ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WIdZgwpIeYK.hI2zN_SWOwQb0fOxiu1B
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kbXLCjAglZH-PCUOUWXYbc-wbkLGEeskWKLFitO1cHyUFX4KVJYHpg==

GET
H2 200 9e95813fcc803f7dd100.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 745ms
739ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yrTOa185SJnvc_ze0NtPuPVZk8eChsnw
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0QyVxbJ-jfZoiCZjJ2Jf-GpccVkT5gPJBvAzrqaBkodzS4ty-J2EyQ==

GET
H2 200 9fad61294dfc4b014954.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 737ms
731ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zqh9lLt8qbM5rDbcyILPJwNzVdX5QxFj
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RZJzh8vZaa7B-ZBAJoQ-WJNnwM0jd-oz8tPp4O6Uao_8UwUxWpVX5g==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 304ms
298ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: btWnxdjhtOAz9seTJRIbhoaWJRmW3cKZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _6fxPJeP745nPtNteTYPoddFvtLDAo2mnfs9j2XQdrGEIMniLeHS5w==

GET
H2 200 0d01b350befed2dee3f1.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 739ms
733ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: e9fejZIPQgNCKnAG8o7zZidFWEtiZdt_
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: KKYT8d4qFYdrsdelQmz4VYJvMuLjFeL93zk5oH0yXOiytTMw7pG3kA==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 286ms
280ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pwPf4AR6RKLZZTA9Shtwm.oiaFNlXk_O
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZX9S85gZ_h6QSJgI6MVUY3VXJfN6O2D49HQrrC0cDErGI2bDGt67aw==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 592ms
586ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: eG2kFVjiSYYyu4G4dWRXekaxbp9_0OBO
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qkoObAErqJqsGIvciC9ThMzgRqbphB8Ct2og4k__K_NqVGPrHgTjOg==

GET
H2 200 8234e2dfceaefe948816.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 361ms
356ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: FV7t9PzF6ijT7Axo5IkLlhd6UyjWWtwv
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YIIHSgvhRwPKZfd3ZE-PjcA34BN5upsOy3Y-1E_nHaieoR91PT0HHg==

GET
H2 200 a097f2bf8c32774866df.chunk.js
dashboard.sezzle.com/customer/ 0
8 KB 797ms
792ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Dk4lmIhRvfR7Awywzjmb8SJDhKs9f5l7
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pqDXBosF34qq83NxAGvPbnvQHPoQq66wvneAPv0Ni_d7B9mnQkVePg==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 344ms
338ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WIzRpwCqntlEJPesOpUOFzH14w7Dnj1D
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FngFP2zNfyo_Ca1x8xGO_jgZOl_NrpOr1camTt75ILn0mcePBHJDpg==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 799ms
794ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AfjwSs74cJp1a4nXbgpNGp027umBKJaN
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: DkC27R91Az1tEhDuauw2yTNp0pwhL47QE4-gEpYXDkgq2VMSEzdJAA==

GET
H2 200 4508149fd282227b8d0f.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 752ms
747ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XrofpIJia6DvTIrCf5Y.I9IFBgWIA8VB
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tqOlE6DFKwGMmz7ANrKruHu0ORP5DR4Grl4kZ2dpx7Ld1TUVHKcJBw==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 806ms
801ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NlEccB3GnKa8NANmqDqip2aHV4B40Aq4
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:16 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4ejvLjOcvt14JTTxJW_wSFCN16e3PbyoOOednrtYv2iGcAa5hXXcWQ==

GET
H2 200 a98d1424cac4789c93a2.chunk.js
dashboard.sezzle.com/customer/ 0
29 KB 334ms
329ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 3ykmy76cpdMUCi.4.UztCOUrdDxFxPsA
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: omJN3SJBSWEkDZ5XaGB6wN0NiQrrEDz4hz7kD7Dk_KVmCUFunbjNDg==

GET
H2 200 824d6f85b144437f289b.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 741ms
736ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _K7X8aXlVu02bWLsvRYTikOO0KNTc_Ub
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ml4YmJpRkf1mkNM6y1cexvGm-yyLbZ29K87qpeYX0jv5Epo1mRW_6Q==

GET
H2 200 14be24bccbc068111182.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 608ms
603ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wIXee5m9numJFi25eLoajMlyyJ67EP9U
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:15 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: cUhzdbfXGQjhXZhx35Hw0vvCkgk6rKuXvYeHItZxzxMvs-bHXZPWYQ==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 813ms
809ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ITKY3SS1Yl3WsIqyxvR0uUqmrX2TaMk6
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7dNONxjsqqdc57vwFT5Tuyxl2kEJt2VATWORbbR_Gvo9rZH5kSoEmg==

GET
H2 200 33f63368e5f08d323b6c.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 583ms
578ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/33f63368e5f08d323b6c.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0NMEiBv.WeCK90rdheG5ThIw8yHVGhee
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"238897e95f543dc5260e88130647ee2d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ttZSFMEL-EulGfnls5hdshl_C7Uwbkp_LfHkyB537P6rOPO8uGXJMw==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 329ms
325ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Z0oKKrJpJyy_2MuO_EWgOnCENDOMVpag
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UHRji6xyhgA6zaT4A_qyNrfA7o1Xfu705aB1ovApSpxbOkeBY8M85g==

GET
H2 200 d3e0b27b541a88b56439.chunk.js
dashboard.sezzle.com/customer/ 0
21 KB 331ms
327ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nmagLWTV2hCUu7DeYGcDV2ROk6YTs8_y
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Hbj_e4tNX5tsGGJXRoCP8G39pirPwVZmRNVGzVeuDP8u8NBDu5A43w==

GET
H2 200 95752ac49145b73483d1.chunk.js
dashboard.sezzle.com/customer/ 0
16 KB 809ms
804ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wbbVT7gBHdMtNqSDRk.y7O9TWt_DqBV_
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5eXaLJFnLGcEbb7ZgF0L1XsWPPmkU6ZxxlVYFwymIdrKqvGbzzqw-Q==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js
dashboard.sezzle.com/customer/ 0
6 KB 823ms
819ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hciN3xZeO0scaGuhcISrdyoLPFIaKJYi
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: NTMiIZQaPBT7alCTXb3z6eqCrivb8LCFtbumkkCiyUN1bRxa448d-g==

GET
H2 200 4aa5798b018517a651a0.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 786ms
782ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pCtWh8sSOLJqUJ4Ib5o7XZ_KW2Nd2t1S
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _gx4yXj6svf2bo7bb90nxZL-WALs-W-q7r39CJdIajPa8KbHxzTA7g==

GET
H2 200 3f4aba9f5964d1741939.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 324ms
321ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oAjiHegswkVGXR1fyWWkjAuRqs_aly0Q
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -k-mHb-xMZcFTRIA8XFjnMd0CPxjD90c9P2oDrDl8ZAQ1UEaot34HA==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 742ms
738ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: V3gkwcWebsyNoJTF83LGqfxv0tIMDU2U
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6pD9fCnQi419IXR2dF8cAl-13tmgqtpvg6YKRXLxQnIarDxxhLQBiQ==

GET
H2 200 4a0ba63f290972189691.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 605ms
601ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: jPTI8NBQo5xlRAaj3VW6l1w8MX2rReMP
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MTUX6VJMqxnvx-oVjR4iJVKBbScY_EdrfZqK1Fkgc7Je1iorB6Ygsg==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 332ms
328ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: IIAkonHTWWgQ_ww4SCkOD.M3IE6EhvxZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vQKY4p9b5YAmNe4jMkvOlBSv2Z0e1Opb5mJRgs4waztTgefjPRT5YA==

GET
H2 200 c5b620c163f3b359d753.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 393ms
390ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XR3edZabZ6KZiVU8AmNUemRdE0e11CX4
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 01MCnEMy2Gdxy5D_Vtv6qQ3MRUx4GsimcNTKyy97W8JfIpuOrudJSw==

GET
H2 200 b508ebff5126e8474986.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 811ms
807ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8WvCHwmHTjIEQ7NacZEyjFynQH0iouL5
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lxKN82SyszFPnfz49zpmNkl589Jh5httQcBmIqM-t758xU0hX1MiMQ==

GET
H2 200 95d58c447de1b1125092.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 730ms
727ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MMUJdGn2HwTe53G12BTmLAvJB_aMLHFE
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: p-0fOhfk9QpYLEOtKDCiHhKSpfSbz0JNedQwNuIo4OO68rXanXz9JA==

GET
H2 200 94376e38e631783ec8d6.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 361ms
358ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WxDaHYLCx5orH1ToeiCWH9fb3yxXrJNk
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Wwq0N_flz6rdjwFx9nPyBqAwVm-Q9xA9CQMGLDIN6AWYcasZQj25ig==

GET
H2 200 8e0a43f0256a3165a631.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 733ms
730ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ISFq_BedyqW04AkSKhVp3OjaZNmgGyJ1
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ese6Ne6yyxNW4pnYBXiyATEUwMJLDdtNZX5I8NTvU4pogZIIF1ZKRg==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 814ms
811ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 035qnsTWqR1_NwGE5WmgfUDX9Fbia9kA
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0Fm_1bk6FSznGHMtxALfZc4NoXMdP4KHMFhBK7N0tVybdKD-CpUBcQ==

GET
H2 200 27fb5d991e982837bbb5.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 827ms
825ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JDzfe1tAxATX.SJtagSJw16DuBsKvTns
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: GuS3Wux6wRF2VGasLfHWjiHB5sWzcEGuwX5rPBf4ul8NPoTOK3AonA==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js
dashboard.sezzle.com/customer/ 0
22 KB 827ms
824ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: DqhYbFcafSuDbJz7MOxVbGn864U2rv5b
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: R-O2YKCoqOBMsXnWmQktS1nv1q7zsxxt-bB1gqO0Ee6KVLDJWp9Z1g==

GET
H2 200 a6f6d1f751dcb2c91130.chunk.js
dashboard.sezzle.com/customer/ 0
51 KB 817ms
814ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a6f6d1f751dcb2c91130.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: bIxMiIWCIm0sHCXX3eaXCetV5ummZyId
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"8337805189f6b05e142916fb1939aae0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 11GVG6UmsrKR1x0uBui0Pq_mCoMhgWr4yRhFQSqB1Al1TFmLiAWO5g==

GET
H2 200 e09d48e2409b9f29e8d0.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 736ms
734ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e09d48e2409b9f29e8d0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yamYSzVNXaDrWETmUkdhfJQpAey7Uebc
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"38eb356959ca661dfef9bc930c6e10e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ALp3pxtHGKqH_xiCph3Oy9XhwLZkPRfQPo8cDo4aKV5eQPsKPWuE9w==

GET
H2 200 a45c59dc5ba886671582.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 344ms
342ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: my4gsVCDZ57PFo7VPVsqHx_n1e5_ltQp
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ruKdePL9jl2_W538XdOAJPtlp3b4WQ8q9WjuXy2Rz0oqT30JDK-_wQ==

GET
H2 200 52cea44d2b38108385a3.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 342ms
339ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/52cea44d2b38108385a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: M4fgxQuRO46Wv5aPNXTi1HWN6BzEqegs
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"eac43504cc149c975296e23b48999bda"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZFT32KAZn05eRDs4bHwdHh_QYsrSm5CoiBfTrJKCBREMkSXXZp19GA==

GET
H2 200 0463d29e0b188837e4d7.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 747ms
744ms Other
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0463d29e0b188837e4d7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: HBk7SohfjXprdyL3qJZV0gh5adQfH3FZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"d4e69ca8c4c49db025c859aa9925c4cd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: d20TNUPsXO0SkE60KLZfVTCoG-Byr9aCE4GT-DeqM3BFFozsylSt4w==

GET
H2 200 d5f5e6f325231033d4cc.chunk.js Show response
dashboard.sezzle.com/customer/ 3 KB
4 KB 819ms
818ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d5f5e6f325231033d4cc.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: T0QlUtKjc7Epc9DJupYHsoz3ysuh8tYs
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"fee56067ea57ca1eb89bc5c82204636b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Kjo8KO3DMx0OkTAwC1BP4L9wEV5o2fUIO16VQWKDI2D9xpFGbErETw==

GET
H2 200 bf.html Show response
api.sezzle.com/v1/accertify/browser/beacon/bf/ Frame BE8A 6 KB
3 KB 297ms
296ms Document
text/html 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-type: text/html
date: Thu, 21 Mar 2024 15:15:47 GMT
last-modified: Wed, 15 Feb 2023 22:01:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: accept-encoding
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront)
x-amz-cf-id: J6GmbigTtHK8YMd-lq-zhY8b0jOlbg8RjIbi-fquaXXgAxkapW4vJA==
x-amz-cf-pop: HIO52-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 cc.js Show response
api.sezzle.com/v1/accertify/browser/ 39 KB
18 KB 414ms
414ms Script
application/javascript 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/cc.js?sid=beee383f61fe5c6f&ts=1711034147169&namespace=advc

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

7714f338a1d0ebf6e300bbf3e0d025b0e4e65ea50a6c1237a72ee8ef661d2372

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 bc24eca5e5d9f4acf2b3c88b0346cbb8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
x-ia-request-id: 94c509e89b3b0c820c171b65fe94b803
x-amz-cf-id: 6ILwcKto8vVKcjuJGqJUuPMu8AcQJRqdmnR5KNecHY8DI7VcR0062w==

POST
H2 204 et
api.sezzle.com/v1/accertify/browser/beacon/ 0
1 KB 211ms
210ms Ping
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/et?c=gLaZegefMpAvkrns_6KD2oLP8FU&t=2e78e839497e6ea3711fc8a741c1948cb5a4

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 15:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO52-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com, *
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 92nSkUhyBETE5MycTRpJ-lE_irnHM2C60U7tZlAyOGmScu_aAFowBQ==
expires: 0

POST
H2 200 gt Show response
api.sezzle.com/v1/accertify/browser/beacon/ Frame BE8A 39 B
1013 B 212ms
212ms XHR
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/gt?c=gLaZegefMpAvkrns_6KD2oLP8FU

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

268542c8b427aceb43daad316110e91ef4706873ddb56b1c2299fdccf6b51b76

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO52-P1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 39
x-amz-cf-id: 6JK29atI2rpO9HmoG2xVNZcGNnTcsD0IUE8gWb2VScgkR0Gh6Gej4A==
x-xss-protection: 1; mode=block;
expires: 0

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 41 B
98 B 75ms
75ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a1c9633c394e90842ea5cf97f7fea3ecdada49fa6828b052757d695fe8456ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 15:15:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 6ffb02663b0ab45e554e.chunk.js Show response
dashboard.sezzle.com/customer/ 62 KB
18 KB 59ms
51ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JmclyQbBh3AKbqkrqTrtOamVj46RFMuE
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hsdffRbVY9Mpju4Fti8StCWvhitefvmyhT-TQFRZHKJ5uX2o7RKJpQ==

GET
H2 200 09bd04621566e437c5b7.chunk.js Show response
dashboard.sezzle.com/customer/ 35 KB
11 KB 59ms
51ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sa2k2HqlYnUAsOAejy9QIFfNHBf1OPqY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ene6TfWx2tPGWmIbBqRo02QhYG2Rer9OP5msCbQ8_CkBgYZVOkAu9A==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 61ms
53ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kWMAfnSXAH2pPitOircFvSyftOcYMw56
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Qu8fsFXLy-C8rXnvSD-yH5-QL9EjiOr8UMC3dEHQNw3IpbNcjpw5OA==

GET
H2 200 fa3ed811783641bef592.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 64ms
55ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 1E0HQPYNDcB5QZthmgcIiQ9NryS40p12
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Z1F_aqF51U5k121MnIVvoFPOwXfgYctSYYetaHH79zI1npHHgmClhg==

GET
H2 200 af0aa6add0b350681528.chunk.js Show response
dashboard.sezzle.com/customer/ 82 KB
24 KB 61ms
52ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rv0znRgSussDIAhVCPveVEgMv78qKi.E
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 48lDW62gRk-8uBrnpErtwA2_LKeHDCXrvnakrGQPzreShbpaHP-kLg==

GET
H2 200 e92b753dbaf156b7a9eb.chunk.js Show response
dashboard.sezzle.com/customer/ 28 KB
12 KB 64ms
55ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e92b753dbaf156b7a9eb.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0f4caa80387ca308b6014ea7bca6befe3d7cc85fcb3db0370b00686bae9ae802

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: UacLsh_pSjRBdE2cQMR4CtCh7IUmD3.p
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:30 GMT
etag: W/"31d0494963b78e6bf8bc76a1d89ca974"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: r9-1UtXnzckFigM2PCta1x97etFYBG7VH7R6YKc_Oa79neWMLk7p3Q==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js Show response
dashboard.sezzle.com/customer/ 66 KB
18 KB 65ms
56ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: DwBSW1CPJGI0uSA8SEO.YIgEZ1booxey
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ie5jtsOBC-6J4vZPkm1nGlIxo6IIA00mBPij5UhWzzqzwPGS95x76w==

GET
H2 200 14682bb3c63cae512aec.chunk.js Show response
dashboard.sezzle.com/customer/ 98 KB
25 KB 62ms
53ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ClpvuMhdX_TN1BRcZvKgzkHL.3UishB7
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:15 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FPk6CHAhxQBNy8dsxBuvJpTPg-ZuAeiH2tnfvbvycb0rR_iG0RRmNQ==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
9 KB 65ms
56ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iF1maIz8SUbGdunsFMb4d5NWHsP1CzGF
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: x4Kp9rtMBqucOqfCk8fvROlrnmBqf1gq-vsW-bVJhPneHhceogmI7g==

GET
H2 200 5943a84241d36f5283e3.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 67ms
59ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: uBoGZoioBjcRc.BO4DkyxaQP6f8JxDGC
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: srX8o-stNKr7FYYs-BFMEEXUQPLRU4FhKJmOU-ByPWc2uWKPb7RbeQ==

GET
H2 200 dbbca07b740328687038.chunk.js Show response
dashboard.sezzle.com/customer/ 29 KB
9 KB 79ms
70ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z0EBZnOO7vILWQ04Rm2bdL4nKdwRpP9i
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hhQFqbCb56sYahQXownIAHqydCqsg0fy4ZNk_z10IqAProNzcebZOA==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
7 KB 79ms
71ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: isdFeEVPjHBAOndxtwVyqV4dg.Xh90r3
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:22 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ppLvSfjzIhDstzWgMUQR6g3Ylx8RszdnX5AB0Uy4zHRnBn1muCPWFw==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js Show response
dashboard.sezzle.com/customer/ 15 KB
7 KB 84ms
75ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zNSnYLwErMTcZ3Ytr7SvgRLpJCuoL3gL
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: abFTzym0XZ9CpwPeYDCuE9iHg5X55DqCzqbh6WbGL88e2hweVPFLDg==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js Show response
dashboard.sezzle.com/customer/ 45 KB
14 KB 80ms
71ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _Hq4pYpJvwrkfLLuao2vtLVrihJLZniP
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WlIVvEofnB7KUxniNX1yZ0zCw4qoLkqdrgc4S9-5GGrtKN4hEvjcKg==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js Show response
dashboard.sezzle.com/customer/ 70 KB
18 KB 80ms
72ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 24CLobO_fntNYl339Smg_4fNElQVDJeD
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pilgW0QDzgpNy8t5UVR-f5cpDZXctAOak8sNR0HuJv5sH0GGQLBNAw==

GET
H2 200 8811832d6a39201bc198.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
11 KB 80ms
72ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: UieDHTAuYT3F0qH5OUvyLgGav4TLQU96
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vWCej6O2XJmTc_MTnsheCjfAgZROyV-ChpduPR0-WXd8DUhkT8B6eQ==

GET
H2 200 4760ba3062e72a347205.chunk.js Show response
dashboard.sezzle.com/customer/ 83 KB
26 KB 81ms
73ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: o1SBYjltLhN5a56o.RMzP6wGFqtb0uGY
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3H0YjzjjH7PaC6svogEHa5Y3AWRmgatFksCpzMw1rek-Gi4d7UaLWw==

GET
H2 200 4264c93c1d764c35847d.chunk.js Show response
dashboard.sezzle.com/customer/ 55 KB
15 KB 87ms
80ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: A2VPjGAsk1CElp.1HHZl2_pHjC8IUgpW
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VuDiQL5S2c5sYK-bXLay8zoXrW1JH47aKfJ2pdBo--EzTlPhvbM5Uw==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js Show response
dashboard.sezzle.com/customer/ 61 KB
17 KB 81ms
73ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WIdZgwpIeYK.hI2zN_SWOwQb0fOxiu1B
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AC6uC2d63MJ7KPctSFJe1R7_S0FHN13hoTy95SbjWeGVvKE-xNU5KQ==

GET
H2 200 9e95813fcc803f7dd100.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
12 KB 82ms
74ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yrTOa185SJnvc_ze0NtPuPVZk8eChsnw
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vzYWwzcdaIU9H4Glkm2h1nG6EuxREzvnQlZVjbdZTBwVEXDlyARTwA==

GET
H2 200 9fad61294dfc4b014954.chunk.js Show response
dashboard.sezzle.com/customer/ 125 KB
26 KB 82ms
75ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zqh9lLt8qbM5rDbcyILPJwNzVdX5QxFj
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3-WqMvEFNAHX8zc0nHRdKBOdZufaYUIQ-I_RX2m16frjmRyohtrvkg==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
4 KB 83ms
76ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: btWnxdjhtOAz9seTJRIbhoaWJRmW3cKZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: L7PywsiOmON4uon9ueMCvn0aVitYLrdQADMAGtz0E9Uq9Ibpxr-6Ig==

GET
H2 200 0d01b350befed2dee3f1.chunk.js Show response
dashboard.sezzle.com/customer/ 80 KB
25 KB 83ms
76ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: e9fejZIPQgNCKnAG8o7zZidFWEtiZdt_
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:14 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6w1T3TTuQv26Etqq13R7GDQXtgxeZvOTqkyHdXpPk25xW15SWwJnZw==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 84ms
77ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pwPf4AR6RKLZZTA9Shtwm.oiaFNlXk_O
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: l5jmeXwvKMdVkWEVwV9nBoYgLk2xA25QUBEAFdqgwXWE24rJ8d14Zw==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
5 KB 84ms
77ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: eG2kFVjiSYYyu4G4dWRXekaxbp9_0OBO
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JBXkgQlSUDKS43Oasmx4k8iR5g_eCicAtFKi91quI2pyBg5VB1cNuQ==

GET
H2 200 8234e2dfceaefe948816.chunk.js Show response
dashboard.sezzle.com/customer/ 60 KB
19 KB 85ms
78ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: FV7t9PzF6ijT7Axo5IkLlhd6UyjWWtwv
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 8JgGIpizXuXBL9BJb0hctqGEof095y-sFP2xX3mzBljHLEYgKg8PiA==

GET
H2 200 a097f2bf8c32774866df.chunk.js Show response
dashboard.sezzle.com/customer/ 22 KB
8 KB 84ms
77ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Dk4lmIhRvfR7Awywzjmb8SJDhKs9f5l7
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZAPHgjZDhMQJrMAumh2r1zjikn6GvCMfW_e_Hqa2zJqN4qYy2RLk0w==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js Show response
dashboard.sezzle.com/customer/ 54 KB
17 KB 85ms
78ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WIzRpwCqntlEJPesOpUOFzH14w7Dnj1D
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:13 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4SnskU_l3siHeDdMJjXAEWAkcvng51YroC048aK1hGuHCyuFqwszKA==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js Show response
dashboard.sezzle.com/customer/ 40 KB
13 KB 85ms
79ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AfjwSs74cJp1a4nXbgpNGp027umBKJaN
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fwKTEkfHc5VT-yOaUwAgliTlMIy-8Nd2193xzJxWqaNmLx12DS942Q==

GET
H2 200 4508149fd282227b8d0f.chunk.js Show response
dashboard.sezzle.com/customer/ 14 KB
7 KB 86ms
79ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XrofpIJia6DvTIrCf5Y.I9IFBgWIA8VB
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: yTf-slloyZu77ygIQuDstK7kGsJ-AT_CLMuDGXgmvSZzE8kTaMp2Jw==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 86ms
80ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NlEccB3GnKa8NANmqDqip2aHV4B40Aq4
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:16 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: BLmyrsU_fJv1Op1-i4rsIdHGKEgp5qeEHFk5W71pXoJBDU1Ejk4nuQ==

GET
H2 200 a98d1424cac4789c93a2.chunk.js Show response
dashboard.sezzle.com/customer/ 87 KB
29 KB 87ms
80ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 3ykmy76cpdMUCi.4.UztCOUrdDxFxPsA
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TgGxVhzDzTntxRaKBrWK2hajgHico6PCG4VXnl0Yz6W5sI49YN3mrw==

GET
H2 200 824d6f85b144437f289b.chunk.js Show response
dashboard.sezzle.com/customer/ 72 KB
18 KB 87ms
81ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _K7X8aXlVu02bWLsvRYTikOO0KNTc_Ub
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:24 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6F5-AvO5cOdTK7jMvEB0QFLVc2VKkB0OGOHPK-ldRlJW3kKavxu9Lw==

GET
H2 200 3c36f12b1acc880cd44d.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
8 KB 289ms
283ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3c36f12b1acc880cd44d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wNylO3shFZpzlityRJJiThFN5jOINR_a
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:48 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"953e37bdb81aae15964dc7cd7ef7a2a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: cA-ZT-DBbtb2AiEZfKGhjsKgg_0b9xqq1GXfkKIXC95WrIRal8_Xig==

GET
H2 200 14be24bccbc068111182.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
13 KB 87ms
81ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wIXee5m9numJFi25eLoajMlyyJ67EP9U
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:15 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sItE2aSJO80smAQ8rflKROiugdRRf7JHXm-LLF7pgMmF6aE6KK4ErQ==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js Show response
dashboard.sezzle.com/customer/ 20 KB
10 KB 90ms
84ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ITKY3SS1Yl3WsIqyxvR0uUqmrX2TaMk6
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mZ8Wso914axh0PDeuOntipXHjkTN8yjWCyMpqjpdf6Y9--PmSTgrRQ==

GET
H2 200 33f63368e5f08d323b6c.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
19 KB 87ms
81ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/33f63368e5f08d323b6c.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

619051c2e12d83d7838f530986df2b8f4c06eeee4c5b9b4319cc5faae3989918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0NMEiBv.WeCK90rdheG5ThIw8yHVGhee
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"238897e95f543dc5260e88130647ee2d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Sm83HA7hd4mk1JZP8JUaXlBs7mbpbHeSxZSmT_VBrDLNSRAYf6aGhQ==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js Show response
dashboard.sezzle.com/customer/ 32 KB
14 KB 87ms
82ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Z0oKKrJpJyy_2MuO_EWgOnCENDOMVpag
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Z2Xh4kh7uRt_ejogRsfZZX1r4q6p2F30c5S2rcVDzKsZhEIj41mCmw==

GET
H2 200 d3e0b27b541a88b56439.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
21 KB 88ms
82ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nmagLWTV2hCUu7DeYGcDV2ROk6YTs8_y
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 28KJ5mTLLknkipUFk303Ohdc-bHAlZjehYhGwmvrgkiwAbGnJb5TwQ==

GET
H2 200 95752ac49145b73483d1.chunk.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 88ms
83ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wbbVT7gBHdMtNqSDRk.y7O9TWt_DqBV_
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Q-sQG_XmSuiwkQKsnpeT65SAlhdFj4ufAjdoNgrD33L5nDqmDLy2yA==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
6 KB 89ms
83ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hciN3xZeO0scaGuhcISrdyoLPFIaKJYi
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:18 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EUwQqn6DmJURjGW8f8xKchMsAll_edjhXhFlPQQZ-u1E2OnOQOgJrg==

GET
H2 200 4aa5798b018517a651a0.chunk.js Show response
dashboard.sezzle.com/customer/ 23 KB
10 KB 88ms
83ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pCtWh8sSOLJqUJ4Ib5o7XZ_KW2Nd2t1S
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RHVyfGYUP2mDbs2JVDM0mQIwQh6cNN88Hq3oarczME_y-Pj_C7XRNA==

GET
H2 200 3f4aba9f5964d1741939.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 96ms
91ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oAjiHegswkVGXR1fyWWkjAuRqs_aly0Q
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:19 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pXuNMBNLjGFiWEVLHAwY6pZoRmBYWvA0qdefAqkvink--bMyiDbRWQ==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 96ms
91ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: V3gkwcWebsyNoJTF83LGqfxv0tIMDU2U
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:29 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 9oYDNoeIt5sqRKKiYz-0hzthyejqjQYqXZ0DTVLrL4_USWvjKQYtLg==

GET
H2 200 4a0ba63f290972189691.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 89ms
84ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: jPTI8NBQo5xlRAaj3VW6l1w8MX2rReMP
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:20 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 45sAdVEm12jN6IJzFRy4NTxxJs53q54fVCmzri9XFAiWIahJz56uqw==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 96ms
92ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: IIAkonHTWWgQ_ww4SCkOD.M3IE6EhvxZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:23 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: XzS7rVuojuMGoanbF9OrG-PV_COpqRZ-LgdBxYe-0GqXfqdby7rL_g==

GET
H2 200 c5b620c163f3b359d753.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 89ms
85ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XR3edZabZ6KZiVU8AmNUemRdE0e11CX4
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:28 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nX9oXB4Cub29HJbkM-lGQFX6vexQi7ZwDBRmH_wKOIBHtNEWx1GoCg==

GET
H2 200 b508ebff5126e8474986.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 127ms
123ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8WvCHwmHTjIEQ7NacZEyjFynQH0iouL5
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 14OdIfJDrD2riuP6XiNEXW2wqPTfeIXYi0cE6E2xAZjIqKICHq7ZqA==

GET
H2 200 95d58c447de1b1125092.chunk.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 97ms
93ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MMUJdGn2HwTe53G12BTmLAvJB_aMLHFE
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: szXY4afJ60usnrhZhtgukF2J5AU5wW3x29_uyaZXQczZj5AYemtayg==

GET
H2 200 94376e38e631783ec8d6.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 93ms
88ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WxDaHYLCx5orH1ToeiCWH9fb3yxXrJNk
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: G-EeV2irceQ3h883WEsp3RUVRTGumf9q51j4OLAA6YC0zpXNOs6PHw==

GET
H2 200 8e0a43f0256a3165a631.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
13 KB 126ms
122ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ISFq_BedyqW04AkSKhVp3OjaZNmgGyJ1
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Sac_HKoa81MsXN28PqiGjhfZE1JGzTfJmi4GTzUhSni8OMRLRtn-EQ==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 126ms
122ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 035qnsTWqR1_NwGE5WmgfUDX9Fbia9kA
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: CbODH3-6bhMrdnvzytZjs-jyg5WCmSG6mOzm0oFJw_K22BEJcRTQwg==

GET
H2 200 27fb5d991e982837bbb5.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 93ms
90ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JDzfe1tAxATX.SJtagSJw16DuBsKvTns
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:17 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TI2pclKYkKIZhy6TILTcrvE_nUKFT_enp4Q4kaiCAZYsuHhsTideAQ==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js Show response
dashboard.sezzle.com/customer/ 75 KB
22 KB 131ms
127ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: DqhYbFcafSuDbJz7MOxVbGn864U2rv5b
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5hqgSFEbFdMfNJ4d-87IDHmuwgINzv_ELl2UnNfgKgZW4OBkrDqegg==

GET
H2 200 a6f6d1f751dcb2c91130.chunk.js Show response
dashboard.sezzle.com/customer/ 173 KB
51 KB 96ms
92ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a6f6d1f751dcb2c91130.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

658856fa07de2a0256f1355abb1fac02ed35d3f37337a7dd0b2efe42c8faea93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: bIxMiIWCIm0sHCXX3eaXCetV5ummZyId
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"8337805189f6b05e142916fb1939aae0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vKg0W-N6I3hbg67P2nbjs9oNM3i1hcTFqaBdzCIkGWheZBuGdbaE0g==

GET
H2 200 a45c59dc5ba886671582.chunk.js Show response
dashboard.sezzle.com/customer/ 53 KB
24 KB 130ms
127ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: my4gsVCDZ57PFo7VPVsqHx_n1e5_ltQp
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:26 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -yn2i6Hw09zMpM0o1Lb90ZzhuUnxfOFRBZB5UFXA3cKG9WZ__CnA8g==

GET
H2 200 52cea44d2b38108385a3.chunk.js Show response
dashboard.sezzle.com/customer/ 30 KB
13 KB 118ms
115ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/52cea44d2b38108385a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

73a447ee558a9c9380c54cbe2f5d4de47346d5f49fa488e7fef32f85f29644d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: M4fgxQuRO46Wv5aPNXTi1HWN6BzEqegs
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:47 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 0
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:21 GMT
etag: W/"eac43504cc149c975296e23b48999bda"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wDr5P13Gyn4bIRXYN7A01fx-Iux72PbyiMJ8l6Qhg4xmCKv6d3-F9Q==

GET
H2 200 917019a0d5c385f61289.chunk.js Show response
dashboard.sezzle.com/customer/ 9 KB
6 KB 291ms
288ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/917019a0d5c385f61289.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: FWLPros.yq9MpvF3XFH76u8osZ1fiDEZ
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:48 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:25 GMT
etag: W/"d3af360547cac6e490a6051af4419e9e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gGBHvSeMKgpYmLIl2p8VveaqjUfPevzl53TObMZDlO60XotCxtTG4w==

GET
H2 200 ae9aa0023644c0c6bd7d.chunk.js Show response
dashboard.sezzle.com/customer/ 452 B
3 KB 255ms
255ms Script
application/javascript 2600:9000:223f:fa00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ae9aa0023644c0c6bd7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/50e6403231e2149971eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:fa00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vWYiQkR_Inuo6qfYQbeT61KhTnOh3ke6
content-encoding: gzip
date: Thu, 21 Mar 2024 15:15:48 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 20 Mar 2024 17:04:27 GMT
etag: W/"51d3d543819542bc182233d9d721c530"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QeMmLRXW_SW032MDmP1vrDOUZdBUQdFdwiyWCUiDtuTMkrxQBA1YuA==

GET
H2 200 Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 6 KB
3 KB 20ms
19ms Image
image/svg+xml 2600:9000:275b:a800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:42:52 GMT
content-encoding: gzip
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 37977
x-cache: Hit from cloudfront
last-modified: Tue, 11 Feb 2020 17:10:33 GMT
server
etag: W/"0fb7c8e946de60d298e697e3143a598e"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: 6yb8skNu0mw9SFaAE6sjUiphMIXsval0YNa3p4O5IpShCUotK50vVw==

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 197ms
196ms Preflight 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Thu, 21 Mar 2024 15:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 208ms
208ms XHR
text/plain 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 202 B
1 KB 990ms
583ms XHR
application/json 44.240.246.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.246.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-246-125.us-west-2.compute.amazonaws.com

Software

Resource Hash

1628d32a3d16c8557d54bbb8790e90e5333c0d7742fcd7714292a70da72a7efb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-length: 202
x-xss-protection: 1; mode=block;

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 463B 0
0 195ms
194ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVKYq3YsKu4BP53jCJwfqFqNRNdSaxQmJl3XToyDJ3H4pvmbyQCeUhuFHUQNDaMtFpuCmAaXzT2TVUbhZtt7wsQ0sc%2BtH7zk394luuCbVplDCCzCevh6fcoltqF7oieEOYUJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 867ee64bb83c1d94-FRA
content-length: 0
x-request-id: 867ee64bb83c1d94-FRA

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 522ms
521ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 867ee6486bfa1d94-FRA
date: Thu, 21 Mar 2024 15:15:49 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPpqZlLQQcUTRj1bWQT0btHejSp6DHmf6gbFurj5qJQF9CZz4mRKola6jDSY6FUM5F%2F47EUpo3oj6FZ6AVhg%2BZ2bZ6TKhjkOu24d%2BHhX19bCaBmY4gQjbZGxooqvMjpkO4%2BhlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 867ee6486bfa1d94-FRA
x-zendesk-zorg: yes

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:15:49 GMT

GET
H2 200 pro-fa-duotone-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 10 KB
10 KB 40ms
40ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-duotone-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
age: 685382
etag: "6568cc19-2964"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 867ee64a6d259766-FRA
content-length: 10596

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 499 KB
199 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EFB5 46 KB
29 KB 54ms
54ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomleft&cb=kcp86sqj3k5q

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bd45829d3e219c42e40ba482703c75fede337bb7198c1d99951b5f1bf866fc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DbiiMyi2u5sc-2qKKuJwHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DbiiMyi2u5sc-2qKKuJwHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 15:15:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 US.svg
media.sezzle.com/style-guide/flags/4x3/ 4 KB
1 KB 20ms
19ms Image
image/svg+xml 2600:9000:275b:a800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/style-guide/flags/4x3/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:18:15 GMT
content-encoding: gzip
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 50255
x-cache: Hit from cloudfront
last-modified: Mon, 25 Oct 2021 18:50:36 GMT
server
etag: W/"ae65659236a7e348402799477237e6fa"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: i-7O9MIDmwzkiI03_cmPRNF3OkEVUzPJLFDr71F2RDzvxeL7iWA17Q==

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Satoshi-Medium.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 31ms
30ms Font
font/woff 2606:4700:e4::ac40:a31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 685382
alt-svc: h3=":443"; ma=86400
content-length: 31024
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "7930-5e44d059ed553"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTmpvTCqkWmIYAt1UsSaeR%2B5SJvwLffwhiwnLNGs1NhnScf%2BmW2z%2FGKMahz5N3Yj6vCnAc28Urf4mLNcDbixlflI0EsPZ0ufbu5ct7%2FTz3g8q6fmy304CfFxFAeYnjSKzVwwgWM4HrjJ9GVhKLsoEXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 867ee64bbdd65b68-FRA

GET
H3 200 Satoshi-Bold.woff
fonts.cdnfonts.com/s/85546/ 30 KB
30 KB 52ms
52ms Font
font/woff 2606:4700:e4::ac40:a31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 681050
alt-svc: h3=":443"; ma=86400
content-length: 30668
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "77cc-5e44d05a5a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdCHi0qwlyBGecthbC6xad57RRsjPpTqi1NS81%2FmjNKlSMy2SvUxnCQ15qIckpsN2hKubh%2Fo%2FN3Bia%2FYjWwzY9Bke9J0EUkO%2F0ywv%2FYUOdnuxi4PW9yYHeBIz0HYdQUeoQt9hHxLuOjns2bgj2iL3UM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 867ee64bbddb5b68-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame EFB5 55 KB
24 KB 62ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomleft&cb=kcp86sqj3k5q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 14:32:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame EFB5 499 KB
198 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

GET
H3 200 71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js Show response
www.google.com/js/bg/ Frame EFB5 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef51af61f5ab9cd5503f1ee768083e0d4146141f926710cde7f0d18e82bdd002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomleft&cb=kcp86sqj3k5q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 00:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7337
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 00:30:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EFB5 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 214221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 26 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFB5 15 KB
16 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 243810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFB5 15 KB
15 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:28:00 GMT
x-content-type-options: nosniff
age: 2869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:28:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EFB5 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomleft&cb=kcp86sqj3k5q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:15:49 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4148 7 KB
1 KB 57ms
57ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf6de3bf5d1d7f985cc115602a2d7a21c0a0aa3424c13a6aaac7509d6a4c1edd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9kQ4JobxMPfl-pRNZKGUZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9kQ4JobxMPfl-pRNZKGUZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 15:15:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 4148 55 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 14:32:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 4148 499 KB
198 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 11:05:36 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4148 21 KB
15 KB 95ms
95ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bdec40129b9f154360448ee18d9ef6b3b1aec8f90f116ed77f60d81cc37b8a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 21 Mar 2024 15:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:15:50 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4148 600 B
624 B 21ms
20ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:13 GMT
x-content-type-options: nosniff
age: 247537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:30:13 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4148 530 B
554 B 22ms
21ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 244698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4148 665 B
689 B 23ms
22ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 12828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Mar 2024 11:42:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4148 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 243811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4148 15 KB
15 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 250904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 17:34:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4148 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:28:00 GMT
x-content-type-options: nosniff
age: 2870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:28:00 GMT

GET
H3 200 71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js Show response
www.google.com/js/bg/ Frame 4148 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef51af61f5ab9cd5503f1ee768083e0d4146141f926710cde7f0d18e82bdd002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 00:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7337
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 00:30:24 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 4148 31 KB
31 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6orZHf6qzVS4VJRPgl1g890zmsE1Y1mR-WT7u6pGyjFV7TUV43apuEJN1-WGzfYXl6WGp2FeGd-k4DX7N-b-IajAwjlnIDuo4x_PoFq0vy2wF3owvFfb_hBN26djFfzGd-rMbHn6QadZv9b9vGVHG5-HfhsnSQs0sXPnVkkEKGidsMYiPBdAGFNNqASUXfmP0T_KY_2hQ87TmlqFI0GMQ4QBWesxQXxdc5FUFiKbdulJ6aRu4&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

261e019261935b2aa9015d554e08555eaad79a1ab2d722c55233a81165a76689

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:50 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 15:15:50 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 173ms
173ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=75f23c1c-88e0-430e-9bb2-b4faa950b32a&SessionId=5d18db95-2db3-4ca0-889f-b7b3e55716f5&PageId=de4c8325-ed7b-4d29-8edd-fd08980c4935&Seq=2&ClientTime=1711034150837&PageStart=1711034145821&PrevBundleTime=1711034146991&LastActivity=3005&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ff28d448a175b57f1931c4ed63aa94431360f0031b3f7eb6eed95dd290239cdf

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Thu, 21 Mar 2024 15:15:50 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je43k0v874508995za200&_p=1711034144191&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&_fid=d-iENOuUBPDhttiMbJWplm&cid=91007886.1711034144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1711034145&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&dt=Sezzle%20Customer%20Dashboard&en=web_dsh_refresh_token_login_failure&_ee=1&ep.origin=firebase&ep.metrics=%5Bobject%20Object%5D&ep.szl_trk_ver=v1&ep.locale=en-US&_et=1300&tfd=9243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 15:15:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1MJLY6RLKW&cid=91007886.1711034144&gtm=45je43k0v886187776z8810595113za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1052688163

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=91007886.1711034144&jid=608049517&npa=1&_u=YADAAEAAAAAAACAAI~&z=684689477

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:36:26	Name: _GRECAPTCHA Value: 09AH1nMHKDyxEBXnuT5uZQwsRwGbzqbphK-AzvQBiKaEQx5kkU80fFNGJsf7lLQPHTZmO9td-xkahqVOXAgXF3aO8
.sezzle.com/	1970-01-20 21:26:50	Name: _gcl_au Value: 1.1.896948141.1711034144
.sezzle.com/	1970-01-20 19:18:40	Name: _gid Value: GA1.2.1058210389.1711034144
.sezzle.com/	1970-01-20 19:17:14	Name: _gat_UA-72079130-32 Value: 1
.sezzle.com/	1970-01-21 04:53:14	Name: trk_id Value: e8b49c50-dfb1-4148-918e-ff168d1d14d1
.dashboard.sezzle.com/	1970-01-21 04:02:50	Name: szl_wpe_sid_lt Value: 52ec13c5-7136-4805-8689-fd6f9851fd03
.dashboard.sezzle.com/	1970-01-20 19:18:40	Name: szl_wpe_fs_rand Value: 0.05776836637039451
.sezzle.com/	1970-01-21 04:53:14	Name: _ga Value: GA1.1.91007886.1711034144
.sezzle.com/	1970-01-20 19:17:15	Name: fs_lua Value: 1.1711034145820
.sezzle.com/	1970-01-21 04:02:50	Name: fs_uid Value: #13FHV#75f23c1c-88e0-430e-9bb2-b4faa950b32a:5d18db95-2db3-4ca0-889f-b7b3e55716f5:1711034145820::1#/1742570147
.sezzle.com/	1970-01-20 19:17:45	Name: szl_wpe_sid Value: 11b25078-c098-4fae-a360-7a7b4a75de3f
.sezzle.com/	1970-01-21 04:53:14	Name: _ga_FB5QYFCQBC Value: GS1.1.1711034145.1.0.1711034146.0.0.0
api.sezzle.com/	1970-01-20 23:36:26	Name: _cc-x Value: OWQxMzYwODctZmMzMy00ZDM1LWI2ZGItNTU3YmI5MmYwZmVlOjE3MTEwMzQxNDc0NjI
.sezzle.com/	1969-12-31 23:59:59	Name: IR_gbd Value: sezzle.com
.sezzle.com/	1969-12-31 23:59:59	Name: IR_22203 Value: 1711034144379%7C0%7C1711034144379%7C%7C
.dashboard.sezzle.com/	1970-01-20 19:17:14	Name: _szl_login_success_url Value: /purchase-request
.sezzle.com/	1970-01-21 04:53:14	Name: _ga_1MJLY6RLKW Value: GS1.1.1711034144.1.1.1711034148.56.0.0

50 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je43k0v886187776z8810595113za200&_p=1711034144191&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=91007886.1711034144&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&sid=1711034144&sct=1&seg=0&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&tfd=1747' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:".
security	error	URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1MJLY6RLKW&cid=91007886.1711034144&gtm=45je43k0v886187776z8810595113za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1052688163' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je43k0v886187776z8810595113za200&_p=1711034144191&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=91007886.1711034144&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&sid=1711034144&sct=1&seg=0&dt=Sezzle%20Customer%20Dashboard&en=Clicks&ep.cookieDomain=auto&_et=3&tfd=1761' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je43k0v886187776za200&_p=1711034144191&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=91007886.1711034144&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&_s=3&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&sid=1711034144&sct=1&seg=0&dt=Sezzle%20Customer%20Dashboard&en=scroll&ep.cookieDomain=auto&epn.percent_scrolled=90&_et=5&tfd=1768' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:".
security	error	URL: https://dashboard.sezzle.com/customer/purchase-request?amount=2600&type=checkout Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=91007886.1711034144&jid=608049517&npa=1&_u=YADAAEAAAAAAACAAI~&z=684689477' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:".
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/0389a4b03c47f4feff45.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/0389a4b03c47f4feff45.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=3a38d3544a42bc0230f5aeabae6b747479315a58 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v5/shopper/auth/status Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://api.sezzle.com/v1/accertify/browser/client(Line 4) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je43k0v886187776za200&_p=1711034144191&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=91007886.1711034144&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAC&_s=4&sid=1711034144&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpurchase-request%3Famount%3D2600%26type%3Dcheckout&dt=Sezzle%20Customer%20Dashboard&en=page_view&_ee=1&_et=4&tfd=6109' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:".
security	error	URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js(Line 397) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js(Line 397) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js(Line 94) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sezzle.com
apps.rokt.com
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.cdnfonts.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
media.sezzle.com
o215203.ingest.sentry.io
region1.google-analytics.com
rs.fullstory.com
sezzle.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
szzl.io
utt.impactcdn.com
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.google.de
104.16.53.111
104.18.70.113
2001:4860:4802:34::36
2600:9000:223f:fa00:5:2c64:75c0:93a1
2600:9000:275b:a800:1a:9a9d:1e00:93a1
2606:4700:4400::6812:2844
2606:4700:e4::ac40:a31d
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c1d::9b
2a02:26f0:3500:11::215:14ca
2a02:26f0:3500:11::215:14dc
34.120.195.249
35.186.194.58
35.186.249.72
35.201.112.186
44.240.246.125
0259b2d8fed6b093abb6612d09dee084d840d68cc1744211e9084a26bc7b147f
02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710
06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708
07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5
0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478
0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16
0e006ed6ba589e382e7527563de8838cb1701c876643c203ea87305b6b8f6544
0f4caa80387ca308b6014ea7bca6befe3d7cc85fcb3db0370b00686bae9ae802
10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7
12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97
1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1
13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f
1628d32a3d16c8557d54bbb8790e90e5333c0d7742fcd7714292a70da72a7efb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82
1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed
21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326
2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3
22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952
25880f9d5ac05faa1077b4f6b2461cfdcab43b57145961e8f551f2c6c699da22
261e019261935b2aa9015d554e08555eaad79a1ab2d722c55233a81165a76689
268542c8b427aceb43daad316110e91ef4706873ddb56b1c2299fdccf6b51b76
2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44
27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf
28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20
2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f
30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3
315d031821c2c2ce7691f7374e6ee74ad95f6020d3f425ea6ec11b8ab11fe1fb
323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c
331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508
3379de048a26fad0cf1ab0f7000cc6181a7f97ea122fa1dac08c51eb34c56f15
3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639
3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60
473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11
49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461
4b83fe55d84be2f70a7a00944a676298cba1abd39c19a46941cd62652559e789
4bdec40129b9f154360448ee18d9ef6b3b1aec8f90f116ed77f60d81cc37b8a8
4bf444e066018f0f9009daa2d787d31859ba6540cfdadeeb9efd1f5a525678d4
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af
513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e
5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664
554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee
58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bd45829d3e219c42e40ba482703c75fede337bb7198c1d99951b5f1bf866fc0
5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8
5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc
610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7
619051c2e12d83d7838f530986df2b8f4c06eeee4c5b9b4319cc5faae3989918
64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea
658856fa07de2a0256f1355abb1fac02ed35d3f37337a7dd0b2efe42c8faea93
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f
68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727
6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc
6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e
6bda657bfe15f4819230d93d20f4f44d657e0dd681b0ac14c12ec6f654ef06ac
6e292a33b33a227a81e36a4703db693c3ead0eb43541961df7222931a2c63d88
6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313
70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71
712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0
717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4
71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb
728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd
73a447ee558a9c9380c54cbe2f5d4de47346d5f49fa488e7fef32f85f29644d2
74e67f47b47dd3bb52ca4e75ac0bfc9a5154546afb5f956150c00f0ab818672e
7714f338a1d0ebf6e300bbf3e0d025b0e4e65ea50a6c1237a72ee8ef661d2372
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984
79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994
7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed
80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e
80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418
8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92
87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61
88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52
896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2
8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817
93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc
943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061
96987d15cdaed054d226578136f46cd4e6f2c0fe70f360a77ebc1821c4b796a2
99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f
a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551
a1c9633c394e90842ea5cf97f7fea3ecdada49fa6828b052757d695fe8456ad5
a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481
a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c
a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9
a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c
a990b3591cc69ec2acfffc2ede431d55a8419fda4c385cfd114cfef4d03b2c1c
aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1
ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769
ae9cd769e2f50446024af16f13ade6601193ae6a48ed1c7d67e94f566af1de5d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421
b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae
b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b
b3ea420203ff652213a1f2990d3af4d88982f6362c3b13519d7e0dd64289c52e
b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac
b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11
b715459e361d5cdd5e1e68473c937b327ac9e51ecff386c4ce6b718f7dd17d33
ba296ecf0ce60b92d316c06e1a10bd052ede53d60d1e6d2fdce42c3cc75d84ea
ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6
bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6
bf6de3bf5d1d7f985cc115602a2d7a21c0a0aa3424c13a6aaac7509d6a4c1edd
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7
cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6
cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a
d28ea32e0e9d777f0bc8456a52c0d14390608e0aa690e1da69a9c4d2fe219754
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134
d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9
d9702cb4e015be963406e31675f1dfe630461575ebd82dcfa764a875010a3019
dbdc4f5b177623abbaf83544440a8811217569c988d7c153750bb36adb0c13f5
dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de43612db6bcfd8eab627648039b3ccbbb87139c713ba3e1cac36910326b7809
e026e20de107ba399c0b6c4e83011096f6496b429cf65c5bfe97ef918b5e2c71
e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778
e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae
e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752
e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3
e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043
e8fad2a1f305f46c7b9ff3931a65b3daee9a75f1ec60798d28784a695039c4c6
ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3
ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772
ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51af61f5ab9cd5503f1ee768083e0d4146141f926710cde7f0d18e82bdd002
f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce
f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22
f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9
f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd
f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c
f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475
f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c
fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79
fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b
ff28d448a175b57f1931c4ed63aa94431360f0031b3f7eb6eed95dd290239cdf

dashboard.sezzle.com Open in urlscan Pro 2600:9000:223f:fa00:5:2c64:75c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

99 %HTTPS

68 %IPv6

18 Domains

27 Subdomains

23 IPs

4 Countries

4454 kBTransfer

10404 kBSize

17 Cookies

6 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.sezzle.com Open in urlscan Pro
2600:9000:223f:fa00:5:2c64:75c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

99 %
HTTPS

68 %
IPv6

18
Domains

27
Subdomains

23
IPs

4
Countries

4454 kB
Transfer

10404 kB
Size

17
Cookies

260 HTTP transactions
1 data transactions