urlscan.io logo urlscan.io
SecurityTrails logo

dashboard.sezzle.com Open in urlscan Pro
99.84.82.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://dashboard.sezzle.com/customer
Submission: On September 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 23 domains to perform 95 HTTP transactions. The main IP is 99.84.82.65, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 28th 2019. Valid for: 2 years.
This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 99.84.82.65 16509 (AMAZON-02)
2 99.84.82.69 16509 (AMAZON-02)
1 104.18.23.52 13335 (CLOUDFLAR...)
1 23.32.238.192 20940 (AKAMAI-ASN1)
8 104.18.72.113 13335 (CLOUDFLAR...)
1 142.250.80.42 15169 (GOOGLE)
4 142.250.64.104 15169 (GOOGLE)
1 23.47.222.230 16625 (AKAMAI-AS)
5 104.18.22.52 13335 (CLOUDFLAR...)
16 35.162.27.45 16509 (AMAZON-02)
2 35.201.112.186 15169 (GOOGLE)
1 34.120.195.249 15169 (GOOGLE)
1 172.217.165.131 15169 (GOOGLE)
1 104.18.70.113 13335 (CLOUDFLAR...)
2 35.186.194.58 15169 (GOOGLE)
3 185.60.218.24 32934 (FACEBOOK)
5 142.250.176.206 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
1 23.218.209.45 16625 (AKAMAI-AS)
2 142.250.80.106 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
4 104.16.51.111 13335 (CLOUDFLAR...)
4 185.60.218.35 32934 (FACEBOOK)
1 142.251.4.155 15169 (GOOGLE)
1 142.250.80.100 15169 (GOOGLE)
1 185.199.108.153 54113 (FASTLY)
95 27
20    99.84.82.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-65.muc50.r.cloudfront.net
dashboard.sezzle.com
2    99.84.82.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-69.muc50.r.cloudfront.net
media.sezzle.com
1    104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    23.32.238.192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-192.deploy.static.akamaitechnologies.com
use.typekit.net
8    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    142.250.80.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net
fonts.googleapis.com
4    142.250.64.104 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f8.1e100.net
www.googletagmanager.com
1    23.47.222.230 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-222-230.deploy.static.akamaitechnologies.com
p.typekit.net
5    104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)
ka-p.fontawesome.com
16    35.162.27.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-27-45.us-west-2.compute.amazonaws.com
api.sezzle.com
geoip.sezzle.com
2    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o215203.ingest.sentry.io
1    172.217.165.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f3.1e100.net
fonts.gstatic.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
2    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
3    185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net
connect.facebook.net
5    142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net
www.google-analytics.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.218.209.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-45.deploy.static.akamaitechnologies.com
snap.licdn.com
2    142.250.80.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f10.1e100.net
firebaseinstallations.googleapis.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
sezzle.zendesk.com
4    185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com
www.facebook.com
1    142.251.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.80.100 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net
www.google.com
1    185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
lipis.github.io
Domain Requested by
20 dashboard.sezzle.com dashboard.sezzle.com
15 api.sezzle.com dashboard.sezzle.com
8 static.zdassets.com dashboard.sezzle.com
static.zdassets.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
dashboard.sezzle.com
5 ka-p.fontawesome.com kit.fontawesome.com
dashboard.sezzle.com
4 www.facebook.com dashboard.sezzle.com
4 sezzle.zendesk.com dashboard.sezzle.com
static.zdassets.com
4 www.googletagmanager.com dashboard.sezzle.com
www.googletagmanager.com
3 connect.facebook.net dashboard.sezzle.com
connect.facebook.net
2 firebaseinstallations.googleapis.com dashboard.sezzle.com
2 rs.fullstory.com dashboard.sezzle.com
2 edge.fullstory.com dashboard.sezzle.com
edge.fullstory.com
2 media.sezzle.com dashboard.sezzle.com
1 lipis.github.io dashboard.sezzle.com
1 www.google.com dashboard.sezzle.com
1 geoip.sezzle.com dashboard.sezzle.com
1 stats.g.doubleclick.net dashboard.sezzle.com
1 analytics.twitter.com static.ads-twitter.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 ekr.zdassets.com dashboard.sezzle.com
1 fonts.gstatic.com fonts.googleapis.com
1 o215203.ingest.sentry.io dashboard.sezzle.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com media.sezzle.com
1 use.typekit.net dashboard.sezzle.com
1 kit.fontawesome.com dashboard.sezzle.com
0 www.google.de Failed dashboard.sezzle.com
0 t.co Failed dashboard.sezzle.com
0 px.ads.linkedin.com Failed dashboard.sezzle.com
0 bat.bing.com Failed www.googletagmanager.com
95 31

This site contains links to these domains. Also see Links.

Domain
sezzle.com
Subject Issuer Validity Valid
sezzle.com
Sectigo RSA Extended Validation Secure Server CA		 2019-10-28 -
2021-10-27		 2 years crt.sh
media.sezzle.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2021-08-22 -
2021-11-20		 3 months crt.sh
api.sezzle.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.ingest.sentry.io
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.fullstory.com
R3		 2021-07-27 -
2021-10-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
sezzle.zendesk.com
Cloudflare Inc ECC CA-3		 2021-07-30 -
2022-07-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
geoip.sezzle.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://dashboard.sezzle.com/customer
Frame ID: BE185EE83D3ACC673D306529E1E4CCB5
Requests: 78 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Frame ID: 7AC7E955DAC132DC84F5B261AD3A9D27
Requests: 10 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: E42B5A39016772CEB666CB3F557258D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sezzle Dashboard: Log in

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

95
Requests

95 %
HTTPS

0 %
IPv6

23
Domains

31
Subdomains

27
IPs

4
Countries

2386 kB
Transfer

8304 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request customer
dashboard.sezzle.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
9826c009e36fe0da5e92e5b2c8ec5d924a62d7a0908afb22ae775930c6f4c941
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dashboard.sezzle.com
:scheme
https
:path
/customer
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Thu, 09 Sep 2021 15:57:14 GMT
x-amz-version-id
4FkVILTG.IfqACCpt6nhpurN.MoMZ1vA
server
strict-transport-security
max-age=15724800; includeSubDomains;
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin
content-encoding
gzip
date
Fri, 10 Sep 2021 20:09:11 GMT
etag
W/"41b088f39b1241f4e484bf1f8f411b42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
8v5dMxnT7rE0EOH1vpxFz2bjKFfMtac0-ocAFILyAjbc-5XyQkUw0w==
age
221
sezzle-global-4.1.4.css
media.sezzle.com/style-guide/css/ 		129 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.sezzle.com/style-guide/css/sezzle-global-4.1.4.css
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-69.muc50.r.cloudfront.net
Software
/
Resource Hash
8d29352d4d1c803fd2f2d13512a76ceca4c092188a237d54fa42066baf0db4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:03:41 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 21:57:13 GMT
server
age
551
etag
W/"57c7e593afbb55ce21ce218026a9bba3"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Hit from cloudfront
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
rBjEfIdUmSDvDeWantC7paRP44NbK8TBwYv-LgxB7e8uwYDYLpGnIQ==
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
32f48e933a.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/32f48e933a.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64334d7cb5554ade320e458be83b6093f963bdc54496724c6caa4f58066398e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
68cb50449b5a2778-PRG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FnhtLt1FPGtOZFupzcvC
dji1nuv.css
use.typekit.net/ 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/dji1nuv.css
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0515aace0267a9f51d900b1dd3d7857da6aca764f09fd5323a16aadb1e7b0cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 10 Sep 2021 20:12:51 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
585
snippet.js
static.zdassets.com/ekr/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
ZY2FJ8S1NG6H0X9V
x-amz-id-2
3zU4DNHPJ4u5tjCtah9/Um/ecKMlFkPRGsZNWwXO6Fa5HCh9ujzJua6a/M+FT9Prd02HRfg+M2Y=
last-modified
Wed, 09 Jun 2021 00:08:59 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=802zKroaqZgv5uw%2B3412i7iOebYMf%2Bl6TfoS1Lih4Wpmb7A%2BeJGMI1%2Fh0BNXOWFNXWd0gMD9we%2Bg7GmVEWTa4WKSpVd5EPaOCxzW9uYoPXqJ9yupF9%2FnYk305rcWzZpwO%2BeG%2FoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray
68cb50458ba9412b-PRG
runtime.d4b4bc1df28339ce0b44.js
dashboard.sezzle.com/customer/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
118074c0ce3ae7f35c22ec90abc477b85a24ab9896bc7ae07c8ec983d4d865dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/runtime.d4b4bc1df28339ce0b44.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"385177492eef1bd347d3dc567076b18e"
vary
Accept-Encoding
x-amz-version-id
K1uMz7uZzv0K_y1syf4Ozaw.L9vB7ZuM
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
0atXkPjJ3sDzFK7kbPsq7xcIAO0tYYc46E-h9WFuOR-ynja8jKUY_Q==
npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
dashboard.sezzle.com/customer/ 		1 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
6876f84f6ecdb4e9abc8810f8c6fd73c122d0038bb8902ae8eb8f9332a41563b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"f27a9ac6032bb5b7577b63063faf36f1"
vary
Accept-Encoding
x-amz-version-id
z7MlrRHKKEndZyPJzRj2usmqiJ2dPs8M
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
UHtPECKsWzWlwxsj8PTKqpLNhEuEt19-kE3rtPovGC2dYn_8AtokTQ==
npm.core-js.a52e62a5942074d5fc95.chunk.js
dashboard.sezzle.com/customer/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.core-js.a52e62a5942074d5fc95.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
ce3d5a8e199cd958fd8087f01e01bd9250a869c3ff266876f91545d140062d24
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.core-js.a52e62a5942074d5fc95.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"c194597373f3a6d67306806cc261e820"
vary
Accept-Encoding
x-amz-version-id
h3ZRYxn6R7BuW.gsuss3MgpWu_1ptliH
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
4KRunCHD-EpsYGw83qx56QaOJWi4Z1Xaqs25RGZvTkFLSMVqL39oqA==
npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
dashboard.sezzle.com/customer/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
10bc36e1d6b50fa50af3b48d4a3a2bae345733d592b9d5c9b39b5e9977135619
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"14010095219f2dfd940102bef8668d66"
vary
Accept-Encoding
x-amz-version-id
mSM8IGb5gGHEiHOjL8_60cLRh71gYNzb
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
-bdyaZjUFEKJ60VYTIcZYvvvLg0cPBX05Hfu9rj9Dfsa3e9VMHlGIA==
npm.moment.79622b2b561b3a533547.chunk.js
dashboard.sezzle.com/customer/ 		362 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.moment.79622b2b561b3a533547.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
cbb6429c652e5da628b9ebcc4ed35d8b104d1b9696496d924fa661c139fe49dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.moment.79622b2b561b3a533547.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"a5498a67152955fcfc32c0ba08a199b0"
vary
Accept-Encoding
x-amz-version-id
TcPyBGz38QTUcWv6n.DXLOO9Mqqy7.77
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
HyJ4VWUA-eoB54V-9u858TOg-UDp9ZMkirByCcn8ShdpTH9npUYWgg==
npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
dashboard.sezzle.com/customer/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
89c3d0be5853811eb7a54321b76b0b0eff3d0887afd80b9f6ad9e2efe1caaac1
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"1e2ad970abc1df22b9a7b5ac0d2c1156"
vary
Accept-Encoding
x-amz-version-id
kBtcmnxL46p6pqUAvogL5tuNIG7GT0rE
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
-rYkjsBUBpkQ3FHIVBQCebobgJTn0Dp2-JTopuZc11GuECHu7XcyUQ==
npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
dashboard.sezzle.com/customer/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
1d660ee1823483918997ffb5b64e9a085e47657fab4eb92810eafa3e02ed2ef3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2043
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"a0ffb9ebcf2eedf7a0402ffda22824b3"
vary
Accept-Encoding
x-amz-version-id
CJYqNuG92cJxOU.Z_Vc1PyADCLTUWWvl
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
LFGFOfmUScGUJZQv_cTNe3X6CBInPCuwI1gOv7yEmOPz8-CX-2_1dg==
npm.sentry.6184fbf63f9871b2ca5a.chunk.js
dashboard.sezzle.com/customer/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
6eb2c4435e417790d5649480d79dce0b5d6c5c1d4cd818eef4f7595bfdf44a4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"77eb992dc2bbec03a7159c50c98f4d4e"
vary
Accept-Encoding
x-amz-version-id
5K6hHxzW7sLEEXXtjOrk5dUPzf9W30dy
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
CQwV3BVtdPQ6_vL5pKfFTktFeWnw9jp0WsG86Dj-j8Rv6F-8FTU-Rw==
npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
dashboard.sezzle.com/customer/ 		168 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
96a83ae255efeca137c915b8073be91f113ccb1f80d439fea668bddcd8186c28
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"59a690952fc86016f8ce063309b28600"
vary
Accept-Encoding
x-amz-version-id
UJ3S6yYFpSHJEIsQMNYbT.owR4E.HFiM
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
gYd7YA4xJPUdsg7HU1BEk7hrclC0EEReOf_qLZKK8Y8_KKl-MHQFdg==
npm.babel.2587337bda34560d7d55.chunk.js
dashboard.sezzle.com/customer/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.babel.2587337bda34560d7d55.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
4022a59538c4929ffc401db99b7b3cf9f54915c033374c0590a8692bfd1b6d23
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.babel.2587337bda34560d7d55.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"ee7222e6364f009d2d18cc732367db03"
vary
Accept-Encoding
x-amz-version-id
xHPXZSkgrmIBOvwepG.nq_AYu.Dl47qL
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
ywddV3Mc_L1EgLoQ9aDt8v5uCsSvDgq86G_1Bi00WtJDyiawf1t-eg==
main.d4a83d317b33e4f74b46.chunk.js
dashboard.sezzle.com/customer/ 		2 MB
532 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
63434d17aa8f991199611e64bfc195a53a5e1b0b3f2201d47ceefe6cb88cb398
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/main.d4a83d317b33e4f74b46.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"ddc95987fa3960b1051a5163180e3d8d"
vary
Accept-Encoding
x-amz-version-id
Zl6_XqPX5jgl42yuITqSbkYylmDHhhoP
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
7_juBakiqxFe8Anolhhi3iL1xSPyMqa1y9hDwhXL2wTljrBm7LmwfA==
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap
Requested by
Host: media.sezzle.com
URL: https://media.sezzle.com/style-guide/css/sezzle-global-4.1.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
327aaea46813b16c7434f262477933a26ae9a2331278e75b08f7822477adec14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://media.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:12:51 GMT
server
ESF
date
Fri, 10 Sep 2021 20:12:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 20:12:51 GMT
gtm.js
www.googletagmanager.com/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
644ba52f79647c004973532401c0769eed90b9f8797a26397fec05c1bd01a8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63253
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:12:51 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=dji1nuv&ht=tk&f=22797&a=84259179&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dji1nuv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.222.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-222-230.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
last-modified
Wed, 02 Sep 2020 03:58:09 GMT
server
nginx
etag
"5f4f1851-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
pro.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		312 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
age
7988274
etag
"6051683e-d23c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb50474db74125-PRG
content-length
53820
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro-v4-shims.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
age
9003
etag
"6051683d-106a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb50475dc04125-PRG
content-length
4202
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		27 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro-v4-font-face.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e2037b36515615d60ab5bb486646219d9a2509df36f31a11c9b94ec6f4bd5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
age
7988274
etag
"6051683d-a08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb50475dbc4125-PRG
content-length
2568
create-session
api.sezzle.com/v1/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-session
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-sezzleinc-client
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3b3b1d19b03a7e7221fe28bbb3ec246959d8e7997b9ed6a90be348f7a37347bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35187
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:12:51 GMT
fs.js
edge.fullstory.com/s/ 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:21:43 GMT
content-encoding
gzip
age
3068
x-guploader-uploadid
ADPycdt1Y215vbW0ZGA9gkrBBovwnWJstrV8p8-ExIMXf9gNiYXq-qAn9CvrrPaxewcZMKUqMjlHTNQhzM2-Ght2JDcNgfLbag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
64293
last-modified
Thu, 26 Aug 2021 17:33:28 GMT
server
UploadServer
etag
"3279f654c7f61ca00ecbb7d2ef197511"
x-goog-hash
crc32c=sObuww==, md5=Mnn2VMf2HKAOy7fS7xl1EQ==
x-goog-generation
1629999208621409
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
64293
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Sep 2021 20:21:43 GMT
version
api.sezzle.com/v3/metrics/ 		0
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=cd9b5eceb42083c5824d8cbc8d2ab823826d3b91
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
107.894d27e2b3f29c74e6ff.chunk.js
dashboard.sezzle.com/customer/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/107.894d27e2b3f29c74e6ff.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038
:path
/customer/107.894d27e2b3f29c74e6ff.chunk.js
pragma
no-cache
purpose
prefetch
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2014
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"2a5afc8fbd8cc64f99066c7750205856"
vary
Accept-Encoding
x-amz-version-id
7aXeJbCiZNZieokUkjFDIJ.xnqu4o0P8
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
N2EaLVzHVHCuA6TlzWG8_U9GfuBEb3sOBi4MspHhIVlzdbzKQhX4Zg==
create-session
api.sezzle.com/v1/event/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-session
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Client
web_customer_dashboard
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
supported-countries
api.sezzle.com/v3/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/users/supported-countries
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
/
o215203.ingest.sentry.io/api/1367589/envelope/ 		2 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:12:51 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
supported-countries
api.sezzle.com/v3/users/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/users/supported-countries
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
null
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
484
x-xss-protection
1; mode=block;
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v30/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v30/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f3.1e100.net
Software
sffe /
Resource Hash
6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 00:54:33 GMT
x-content-type-options
nosniff
age
501499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35116
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:48:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 00:54:33 GMT
f5e28690-e3b9-4eab-8d64-51d4051e7e96
ekr.zdassets.com/compose/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31de84a80c73bb3e6f58fd412817759440f8d54192fb95c4011dce9a1619a95
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
ddb54854-c872-4eb8-aa10-af3c7179f966
x-runtime
0.002402
server
cloudflare
etag
W/"a31de84a80c73bb3e6f58fd412817759"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWmqfhEvQLinopvPU5O5tektKWL31FqkjQJ43TUtlMCV3iSqaZtWocz0FtoUh%2B1sKBOm3B%2FbugdEEMJZ6N1iOlYuSfAGbVdTh4DIighmCgaCviY1Y0q%2B71PpMn7rEufBAK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
68cb5049bb524125-PRG
auth-status
api.sezzle.com/v4/users/ 		24 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v4/users/auth-status
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
53c4b71f-dbe3-42f9-a0f7-730074966e82
Content-Type
application/json
Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
X-SezzleInc-Auth-Resource
dashboard

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
24
x-xss-protection
1; mode=block;
auth-status
api.sezzle.com/v4/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v4/users/auth-status
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
page
rs.fullstory.com/rec/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
994d8a01cba7752214b561a76a7b923ab38b7fe0fdef9ddd23c6c23e29be3f88

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1536
via
1.1 google
js
www.googletagmanager.com/gtag/ 		129 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4f69c73fe5ae1b337e46a5aa93a7bfc11c05f000b62ed9df44e5cd0d3fad4971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51683
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:12:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
bMXD3WsAza5gsZ0MUTLyjzDVqOCWaX6HpMSwjbLHKauZLtBaE0u247j40xL0Zq1I4u+uUM1CxkYpVgNlEGNqBw==
x-fb-trip-id
1082456386
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:12:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1899
date
Fri, 10 Sep 2021 19:41:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 21:41:13 GMT
uwt.js
static.ads-twitter.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
via
1.1 varnish
last-modified
Wed, 25 Aug 2021 16:20:44 GMT
age
75248
etag
"934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
2119
x-timer
S1631304772.303613,VS0,VE0
x-served-by
cache-fra19137-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-45.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:12:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=75904
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
bat.js
bat.bing.com/ 		0
0
installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 		578 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
7cb976af08fe874ac099b417f488fa4201709a8d4b945819f84cfb76986ef965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://dashboard.sezzle.com/
x-goog-api-key
AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
454
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations
Protocol
H2
Server
142.250.80.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://dashboard.sezzle.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Fri, 10 Sep 2021 20:12:52 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ 		109 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f9cc0376172dcd0b1fdfe5281aeacf14182def28e305e4705b941cfb5bf96f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44663
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:12:52 GMT
collect
px.ads.linkedin.com/ 		0
0
adsct
analytics.twitter.com/i/ 		31 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 10 Sep 2021 20:12:52 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
36591c640376517562b70d213546e2ba5a4a2e6cafccc80d3990c9419a45ad1e
x-transaction
b30107b63c6fdcf6
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		0
0
web-widget-preload-c11c853e3495048c3769.js
static.zdassets.com/web_widget/latest/ Frame 7AC7 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275684
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
SQF3W6803VZV67EC
x-amz-id-2
kUgwpy70yuVxqGqw++P6UEh5UPtmskQ181t8daeHfLS7tx5Dw1aebYsCO01dGIdzkPLIfvtF65M=
last-modified
Fri, 27 Aug 2021 00:36:48 GMT
server
cloudflare
etag
W/"494cdcdbb9f8aabb90662f90e86713a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpRuOuehuXnfnxwCNjkq8kk6Mba1NoE85EpRwM2OkwqP05UB4%2BgyXJ0AR2gV2C%2FbBrWXXVcJndw%2BrEA8fU1PXC%2FRClh%2BGJuQOzmj5L5jz9XEetrdxgjc8Ss023FhOLXkk38RD38%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
qUzu2RsE4KTQBDKNYnerlPJrytK1UfHb
cf-ray
68cb504b19c7412b-PRG
expires
Sat, 27 Aug 2022 00:36:47 GMT
web-widget-framework-1b147c41a301f1c689d1.js
static.zdassets.com/web_widget/latest/ Frame 7AC7 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275684
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
SQF29Z671N42VYAA
x-amz-id-2
qs3lJyymxQkDpHQKl/dRn/M5Dyfev1buOlLvOqrhULDujlfrSvckBNhNqwTo5P7/idjoOFdbIOM=
last-modified
Fri, 27 Aug 2021 00:36:48 GMT
server
cloudflare
etag
W/"4ffd0070344c005afce1ff2d12d44e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UVnCVm%2FOji2kEf1fiHIr0zYWzT0HwSJzAOJnD1I1I17GBr6uBRIHYByNQcqpV9Wa0SgHfuRcejaXAp82W0SZ1OaPgIopwY3pFw2X6Mxqosh53Uz%2BUJO7COhuDOau8IUIQNILZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
v41TCMXJjPtMAYoQuoT1GMc4uDmGKEn1
cf-ray
68cb504b19c8412b-PRG
expires
Sat, 27 Aug 2022 00:36:47 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame 7AC7 		203 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4562925
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
ZFRSPVJGMXW155VC
x-amz-id-2
kEnZBugh+pg+Cidj8dKDDQtj2wz4yiHoFFIoLLEZRa+bZAR72yQ6JQqKHghG7VlmTZCExNFug7k=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17Ey74HSIFZgSp8yyVKdsTP3uGNSgZz8mN8Sy57wT%2FdLxkecknH0LdKaV5pNMT6Xv1UHMwWDXxA43w%2B3fRPMzntrUKRNyYhmzDwKsRco6sgQTuTyg4%2Bhh5IDsAKv8LFeS0E7xWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
6nLy1oZDiI0GDEsA2cGfRKjp8Mm1fRS8
cf-ray
68cb504b19c9412b-PRG
expires
Tue, 19 Jul 2022 02:04:03 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=2oe910&_p=1950951571&sr=1600x1200&ul=en-us&cid=850643697.1631304772&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304772&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:12:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
sezzle.zendesk.com/embeddable/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable/config
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203f2aa0c51c33fe0b7de96f1a2ee3778d06baa27b9b79cb43651bd243b2654b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-5d979d87f9-q5njc
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
68cb504c0bd0f9e6-SEA, 68cb504c0bd0f9e6-SEA
x-runtime
0.001218
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGLwTzTZp2m%2F0y2naZTKUOdzmoYROY6427D2SwDtCG3eLU8tQgET0opjvXFd1tQ5cAuhLC6jmTFA9iRPpYk9bYl%2FgICJYVB0CDJf8oUblsefk440orZej4SbrPuV8iMhlqFUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
68cb504c0bd0f9e6-PRG
355731011522150
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/355731011522150?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
1d82ba1d7493fb7b2d18d371da2a0be15f3df1073669609c73acaad0473bfbe1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
gSxk/oFl/dtJg4mFG68IgPecDUGNk2txXXdGlh77dfh7JRUr4M1hpOzJRH/sKrSWRPn8DbTXHJcCTwI2hg5o/g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:12:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=2oe910&_p=1950951571&sr=1600x1200&ul=en-us&_fid=dZp8bqjpVZUgl9eL1E38x7&cid=850643697.1631304772&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304772&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:12:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle
rs.fullstory.com/rec/ 		29 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=13FHV&UserId=5415987621568512&SessionId=5061988900839424&PageId=6684883498475520&Seq=1&PageStart=1631304772358&PrevBundleTime=0&LastActivity=419&IsNewSession=true
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3e5697e5fa2bb32f696c344bef97f6b1837630b291e6182ebc816a8dfb7c7d10

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dashboard.sezzle.com
date
Fri, 10 Sep 2021 20:12:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PT4J8GM&t=gtm34&cid=850643697.1631304772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
00fcad026277543843ba270b5317d791bdf953c5d2f3b43973544ecd24d49580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39276
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:12:52 GMT
de-de-json-eff801a5400a44679d84.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 7AC7 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-eff801a5400a44679d84.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed960724bbe2cd29bd0efdd4876c335f45685fc3e28e3370e0468ef080e40f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275681
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
R3GPBCBNYA1GQDB3
x-amz-id-2
BBhT0fd+fczn+4yBrY1Vb0yZ0ejdOi7jVgtQOnOrMN24IpPMJzeFa5pljfI0rxjT6jNmXPrO92k=
last-modified
Fri, 27 Aug 2021 00:36:01 GMT
server
cloudflare
etag
W/"93b2c0fba362ae1959dc1da4a5a00aef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdPtkAo%2B%2Fi%2B1k9CUXzn1cMmTAP69oJ%2BZCdes59J0DOZ2snr%2BQ4Bb5cqplFruHGM7woIExKDuZYMflLOuRiBch%2Bs2O%2B%2BTOpyx%2FHAyGSfSoqLHyXGtIXSykLbrKTB5Q4YnLU2iYmw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
JSfF_Jy9UhfdfWuEN8oWeaPpAcG3FalX
cf-ray
68cb504d6f8c412b-PRG
expires
Sat, 27 Aug 2022 00:36:00 GMT
web-widget-218-a0e6bddf78f556c0ba98.js
static.zdassets.com/web_widget/latest/ Frame 7AC7 		330 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-218-a0e6bddf78f556c0ba98.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2735226
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
2GCGCP7DKHXRWNY2
x-amz-id-2
tZbgE4wUzywo0pCEgH+cUqNisvME6sH70E3UySTvWPZCVZzrwVMWHlLhFoP/8CREPpBtGSz3f+c=
last-modified
Mon, 09 Aug 2021 15:03:50 GMT
server
cloudflare
etag
W/"d270a189c9839f5d9d7f3e49bbeae2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX069aONlk0ROlEOaaL0K9%2F3BzQddONWTTE1Thvwxr9yPvifduN%2BYt81oOPqq65rszPEj9Z9YgMzM9jGRSpY%2B10imGboE%2BL7KaZkoq8CjS9BqhkGVd36%2BYyRG0O8WK%2Bc9YFCjV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
3sjv5e8lvY6f4Mm3flRDrq1MhhcZeVSU
cf-ray
68cb504d6f8f412b-PRG
expires
Tue, 09 Aug 2022 15:03:49 GMT
web-widget-9829-5f3c12ec148288f64210.js
static.zdassets.com/web_widget/latest/ Frame 7AC7 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-9829-5f3c12ec148288f64210.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2223128
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4W307NV2PBB3PQXN
x-amz-id-2
5e/65dQCMbnciqZJJGP4XPU1JyCUBT9iSNVSToMusn/S9Tat1nC8ORmWaImYBb0Kq6ydMgtXiOM=
last-modified
Fri, 13 Aug 2021 00:23:50 GMT
server
cloudflare
etag
W/"c416333951b19b5a604bb7f65785650e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYsVkHBCc8ehgZGTJIpTDDWxhpB7Ehz794RG3IT2sGBI%2Bkzz3BDLjyXZngQ0yrVJaGR4cDTS%2FA6e6ikhO1FEu0awRITHZrLwgisCcQCE3d2fZuz8Blu1bUtxdTmKo9uuQvxO14Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
49ot3h21npFAkxmz5L51VOsC2.m1cZtL
cf-ray
68cb504d6f91412b-PRG
expires
Sat, 13 Aug 2022 00:23:49 GMT
web_widget-34813b70768c992d1401.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 7AC7 		418 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-34813b70768c992d1401.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275683
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
MJW12G3RG5NECAPN
x-amz-id-2
vf9CWDOpz8mjz0/hvImpLoJE+aW7H9pdw1BCb6dP1jJRFZJ+li1iZ+qZWp+fNuT+boEPdfIPlnU=
last-modified
Fri, 27 Aug 2021 00:35:05 GMT
server
cloudflare
etag
W/"fef0d8fa8ff30afd8c9006a9344f1afc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5kR2iIFTeuVrh0W%2Bq%2Bcbrwyhq3MOswxBPIHQV28q%2BNzPAb9AK23mf4iTOwXbouTMqvCFAxKqsi9b2iln5UyvR0g67uhM2Haziqkm2S2mz4Kk7vRQoQa1dzLwwHxmZB2yCI89nU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wZHvAZ2moLXZQaNmJ3MYT.Dl0vKLvC3V
cf-ray
68cb504d6f94412b-PRG
expires
Sat, 27 Aug 2022 00:35:04 GMT
embeddable_blip
sezzle.zendesk.com/ Frame 7AC7 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjE1OSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiMGE5NTE4MWY0ZTFiMzA4MDQ4M2Y2MjQyNjg2ZTMwNTkiLCJzdWlkIjoiN2I1NDg4NmQ2OWVhMjE5MTQ3OWNhNGZmMjNkNTVhNmIiLCJ2ZXJzaW9uIjoiNTM5OGNkMjgxIiwidGltZXN0YW1wIjoiMjAyMS0wOS0xMFQyMDoxMjo1Mi44NDZaIiwidXJsIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lciJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FqsFUZAsyRbaWDjdlxSbYwxLR9SBmp0vDWX4stvkXVjzmCI6qhydOi7L88Xg9yHXp960f%2BsMEAF7FcQMLtDuJi1RlICpK%2BmoSvmeEXHxdkVgfTiiditW%2FuVKdAXB2wEyd0WGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb504e5823f9e6-PRG
vary
Accept-Encoding
content-length
0
x-request-id
b93d64f92381a37f298b7bf8c7630429
embeddable_blip
sezzle.zendesk.com/ Frame 7AC7 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYXV0aGVudGljYXRlIjp7ImhlbHBDZW50ZXIiOmZhbHNlLCJjaGF0Ijp0cnVlfSwiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX19fSwiYnVpZCI6IjBhOTUxODFmNGUxYjMwODA0ODNmNjI0MjY4NmUzMDU5Iiwic3VpZCI6IjdiNTQ4ODZkNjllYTIxOTE0NzljYTRmZjIzZDU1YTZiIiwidmVyc2lvbiI6IjUzOThjZDI4MSIsInRpbWVzdGFtcCI6IjIwMjEtMDktMTBUMjA6MTI6NTIuODU1WiIsInVybCI6Imh0dHBzOi8vZGFzaGJvYXJkLnNlenpsZS5jb20vY3VzdG9tZXIifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovbRIl3g7hGWIlRM%2FLXtREP%2BFvXDS3demRH9MASdtlvIr602J%2FDH3aZZyg0BVng3JaX1Zvw0I7xbtBsHxbXEK0d%2F5WHvnXmbO3Vyl5RXKDjObezDppBwVBs98zEvHoSS1FVN0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb504e683af9e6-PRG
vary
Accept-Encoding
content-length
0
x-request-id
c1a1e8bd8880d4af912a01e8fe5e3872
embeddable_blip
sezzle.zendesk.com/ Frame 7AC7 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lciIsInRpbWUiOjM4LCJsb2FkVGltZSI6NDcuNSwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlNlenpsZSBDdXN0b21lciBEYXNoYm9hcmQiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjE1OSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCxpbml0aWFsLXNjYWxlPTEiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjBhOTUxODFmNGUxYjMwODA0ODNmNjI0MjY4NmUzMDU5Iiwic3VpZCI6IjdiNTQ4ODZkNjllYTIxOTE0NzljYTRmZjIzZDU1YTZiIiwidmVyc2lvbiI6IjUzOThjZDI4MSIsInRpbWVzdGFtcCI6IjIwMjEtMDktMTBUMjA6MTI6NTIuODg0WiIsInVybCI6Imh0dHBzOi8vZGFzaGJvYXJkLnNlenpsZS5jb20vY3VzdG9tZXIifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYUnRrM1nPw2L9fu9GcvWQ0NfJigOn0YZGZySHOCgdUGuTSU7oWt4g1AjmFc5hG1CFwVqu6JhjQ%2B1UsF%2Bf%2BGoGlZ9u%2FkTd%2BtBFf0mEOMCRySnWr%2F7snySTR%2BtyS2ZDO6UTbzEw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb504e9886f9e6-PRG
vary
Accept-Encoding
content-length
0
x-request-id
b72224fa921d78b0c5b8749ad6a51283
fs.js
edge.fullstory.com/s/ Frame E42B 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5

Request headers

Referer
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:21:43 GMT
content-encoding
gzip
age
3069
x-guploader-uploadid
ADPycdt1Y215vbW0ZGA9gkrBBovwnWJstrV8p8-ExIMXf9gNiYXq-qAn9CvrrPaxewcZMKUqMjlHTNQhzM2-Ght2JDcNgfLbag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
64293
last-modified
Thu, 26 Aug 2021 17:33:28 GMT
server
UploadServer
etag
"3279f654c7f61ca00ecbb7d2ef197511"
x-goog-hash
crc32c=sObuww==, md5=Mnn2VMf2HKAOy7fS7xl1EQ==
x-goog-generation
1629999208621409
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
64293
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Sep 2021 20:21:43 GMT
805817303491823
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/805817303491823?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
53da964bcef519d8aafb5342205b9fdcaefd60d305fd88da3f9248c7564e2c19
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
xV0ktQf7ibxD9EWm1xG/wYsvCho6DD9FS6wVNp+Fwyc1NWnT3+BlJCjrvkZfnCE8HtrufHC3qh5dhqXM911mHA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:12:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=355731011522150&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&rl=&if=false&ts=1631304772938&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631304772937.1426208176&it=1631304772396&coo=false&exp=p0&rqm=GET
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 10 Sep 2021 20:12:53 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1950951571&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dp=%2Fcustomer&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=639855395&gjid=1081324931&cid=850643697.1631304772&tid=UA-72079130-32&_gid=471208588.1631304773&_r=1&gtm=2wg910MX2HJWM&z=1846299025
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
107.894d27e2b3f29c74e6ff.chunk.js
dashboard.sezzle.com/customer/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/107.894d27e2b3f29c74e6ff.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
f129590eb4922e2dcdfaf0ddf0f626303dc8353123add4dc95a3f30b15277567
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/107.894d27e2b3f29c74e6ff.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"2a5afc8fbd8cc64f99066c7750205856"
vary
Accept-Encoding
x-amz-version-id
7aXeJbCiZNZieokUkjFDIJ.xnqu4o0P8
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
egOrKYLFmM3aP5qZCoWFW4Kvyz67d08xdE_Bd3DAnaAjyHRd9v9mBA==
remoteconfig
api.sezzle.com/v1/ 		377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/remoteconfig
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
606e4ce1757f0a0645092c0262e70006a4c64b96251b7e170dd155029c75738b
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
53c4b71f-dbe3-42f9-a0f7-730074966e82

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
377
x-xss-protection
1; mode=block;
remoteconfig
api.sezzle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/remoteconfig
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
create-event
api.sezzle.com/v1/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-sezzleinc-client
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
create-event
api.sezzle.com/v1/event/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Client
web_customer_dashboard
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
86.c86aaa6b86b4d1579521.chunk.js
dashboard.sezzle.com/customer/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/86.c86aaa6b86b4d1579521.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
:path
/customer/86.c86aaa6b86b4d1579521.chunk.js
pragma
no-cache
purpose
prefetch
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1785
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:06 GMT
server
etag
W/"13df3d0c812eb66821db9bf057a9c243"
vary
Accept-Encoding
x-amz-version-id
a7pBraw5GbL9Sgpq2AVsF7aC9QOvk6AK
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
v3WPb-GBX0mHt52RosNEDGjJQE0xruZ6pBU_65I2J_uSn9-cZT0_gQ==
108.a1a4c373555b78650220.chunk.js
dashboard.sezzle.com/customer/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/108.a1a4c373555b78650220.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
ce64f71999c236872b963fb77c5ec92f1d99486c7cc5b52bb6049748d6f1e4e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/108.a1a4c373555b78650220.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1783
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"64de32ba653c5fa03fc9285495652e78"
vary
Accept-Encoding
x-amz-version-id
JRST_kFqk3vka0R7HDK_Rw19ZkznjNFB
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
dRdm9Q43i3WQKPWVb8OPPk60t-Zwc0-VRMucv_yEg3P-huEwetjdUg==
collect
stats.g.doubleclick.net/j/ 		4 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-72079130-32&cid=850643697.1631304772&jid=639855395&gjid=1081324931&_gid=471208588.1631304773&_u=aCDAAEACQAAAAC~&z=1401364843
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 20:12:53 GMT
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
dashboard.sezzle.com/customer/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
ae949df069231c45bd6624d6f5d5b436c4e7a75cbdbb939a564da959e0cf501c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2045
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"5d6e6316f5a35883342531010bbd46c3"
vary
Accept-Encoding
x-amz-version-id
cKOtucy5.AsoJkoTqatB7xPY0R6mDt3d
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
4_ZzhirJ18_CKzOZZEZr2noJI_kWTt0lf0EtppnuFn3alzR0_B_rHQ==
npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
dashboard.sezzle.com/customer/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
a4dfa9d6961e54844ce45f857c989c61c46ea5ceb215bd05e083a2d05956628a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2045
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"f149e4e4c9a92c92e3677b342df3f3f0"
vary
Accept-Encoding
x-amz-version-id
HXLkeCqP7duM8Ig0N4PGE_wu_fgQF_lp
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
bO0w_AaoNUaJyAu1WvfZRkCsRzCK-VePIsYdd1K8P4csAcyZN8VjDg==
npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
dashboard.sezzle.com/customer/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
0738d66c142a2a7f4424d809b08d449b3b02acdaea7f7653870cd79ec7550d01
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2045
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"441c7d8541001c8eeaaf2d5cc10b0bb9"
vary
Accept-Encoding
x-amz-version-id
46TWvAZTr1T_HPLGL4e3wZekVSdDCOb.
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
l5WLuqIjJOF-0nEEdAbR3Mr3hn0ZHke7xH8hE_G0V0m-mPc8isZatg==
65.663c24126662696cf70a.chunk.js
dashboard.sezzle.com/customer/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/65.663c24126662696cf70a.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-65.muc50.r.cloudfront.net
Software
/
Resource Hash
fdf5d5c34251cc6c51ccd606bf4ddeb3767eb5ed9fc5370d503e5c184dabe3f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/65.663c24126662696cf70a.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=d77bceba-d0c2-4071-b710-22647159e2fe; szl_wpe_fs_rand=0.9782025356121038; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=53c4b71f-dbe3-42f9-a0f7-730074966e82; _gcl_au=1.1.346509394.1631304772; _ga_1MJLY6RLKW=GS1.1.1631304772.1.0.1631304772.0; fs_uid=rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772; _ga=GA1.2.850643697.1631304772; _gid=GA1.2.471208588.1631304773; _fbp=fb.1.1631304772937.1426208176; _gat_UA-72079130-32=1; _ga_FB5QYFCQBC=GS1.1.1631304772.1.0.1631304773.0; szl_wpe_sid=913f141c-138e-4246-96c2-958f0a2f25f9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1780
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:05 GMT
server
etag
W/"0d19a6238ba0acff44ca87096a9e58c0"
vary
Accept-Encoding
x-amz-version-id
QMd1W4T3B30_2.fMH34h5U1MK_WBFuEI
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
UzFVEUNchP2l52xhCHh5NeEQhXrR0bBVCdWdcl_rzMOD0E6XDpUg7A==
/
api.sezzle.com/userasks/v1/low/external/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/userasks/v1/low/external/
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-69.muc50.r.cloudfront.net
Software
/
Resource Hash
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:18:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 17:10:33 GMT
server
age
3291
etag
W/"0fb7c8e946de60d298e697e3143a598e"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Hit from cloudfront
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
pZhJT59nYiZ42rnwJ4VaMpbPNtuEiyZqhRZgfEQ0ao8NC8g9kB8hsw==
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
/
api.sezzle.com/userasks/v1/low/external/ 		18 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/userasks/v1/low/external/
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
53c4b71f-dbe3-42f9-a0f7-730074966e82

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
18
x-xss-protection
1; mode=block;
ipdetails
geoip.sezzle.com/v1/geoip/ 		234 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.sezzle.com/v1/geoip/ipdetails
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f44de1a5cec18b8dc2cd30e2956e0ba2c2d0c3c505f301b12aee9d629bdcfe62
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
234
x-xss-protection
1; mode=block;
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=805817303491823&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304773382&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1631304772937.1426208176&it=1631304772396&coo=false&exp=p0&rqm=GET
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:12:53 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=850643697.1631304772&jid=639855395&_u=aCDAAEACQAAAAC~&z=473357599
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:12:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
truncated
/ 		377 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cca78091358bd19fc803d1dd22af5419766b9921a5fd8eb1b8a27a9220eefc

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 02:28:31 GMT
server
cloudflare
etag
"6051694f-4d8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb50540d4f4125-PRG
content-length
19852
pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.0.woff2
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582b999c86cf975e3451523ebecd51377fc79554646a62bb88b1f239ff6ddc39

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:28:28 GMT
server
cloudflare
age
872752
etag
"6051694c-5b60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb50540d534125-PRG
content-length
23392
us.svg
lipis.github.io/flag-icon-css/flags/4x3/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lipis.github.io/flag-icon-css/flags/4x3/us.svg
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-153.github.com
Software
GitHub.com /
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
42582120b054d2492e2c3b948fa408de4ddf8af3
date
Fri, 10 Sep 2021 20:12:53 GMT
content-encoding
gzip
age
468
x-cache
HIT
content-length
727
x-served-by
cache-fra19122-FRA
access-control-allow-origin
*
last-modified
Mon, 26 Jul 2021 02:17:40 GMT
server
GitHub.com
x-github-request-id
4198:12492:3F68FB:42F6DF:613829BC
x-timer
S1631304774.805234,VS0,VE0
etag
W/"60fe1b44-116d"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
expires
Wed, 08 Sep 2021 03:18:08 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
x-cache-hits
3
create-event
api.sezzle.com/v1/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Protocol
H2
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-sezzleinc-client
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:12:53 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
create-event
api.sezzle.com/v1/event/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Client
web_customer_dashboard
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:12:54 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=355731011522150&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304774442&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631304772937.1426208176&it=1631304772396&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:12:54 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=805817303491823&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304774886&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1631304772937.1426208176&it=1631304772396&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:12:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:12:54 GMT
bundle
rs.fullstory.com/rec/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1631304772309&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Domain
t.co
URL
https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=850643697.1631304772&jid=639855395&_u=aCDAAEACQAAAAC~&z=473357599
Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/bundle?OrgId=13FHV&UserId=5415987621568512&SessionId=5061988900839424&PageId=6684883498475520&Seq=2&PageStart=1631304772358&PrevBundleTime=1631304773175&LastActivity=4503&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| FontAwesomeKitConfig object| zESettings object| webpackJsonp object| SENTRY_RELEASE object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ function| gtag function| Payment boolean| _fs_is_outer_script boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized object| zEWebpackACJsonp function| zE function| zEmbed string| _fs_loaded function| _fs_shutdown object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| twq string| _linkedin_data_partner_id function| lintrk boolean| _already_called_lintrk object| twttr boolean| zEACLoaded object| gaGlobal function| onYouTubeIframeAPIReady object| __sentry_instrumentation_handlers__ object| gaplugins object| gaData function| $zopim function| ZENDESK_AUTHENTICATION_CALLBACK object| google_optimize object| szlShpDashCfg number| openHTTPs

15 Cookies

Domain/Path Name / Value
dashboard.sezzle.com/ Name: szl_wpe_sid_lt
Value: d77bceba-d0c2-4071-b710-22647159e2fe
dashboard.sezzle.com/ Name: szl_wpe_fs_rand
Value: 0.9782025356121038
.sezzle.com/ Name: fingerprint
Value: ec76d214beb582fc476ab013026184e3
.sezzle.com/ Name: trk_id
Value: 53c4b71f-dbe3-42f9-a0f7-730074966e82
.sezzle.com/ Name: _gcl_au
Value: 1.1.346509394.1631304772
.twitter.com/ Name: personalization_id
Value: "v1_0NbSCpBYiK6CVB5u4vMuEQ=="
.sezzle.com/ Name: fs_uid
Value: rs.fullstory.com#13FHV#5415987621568512:5061988900839424/1662840772
.sezzle.com/ Name: _ga
Value: GA1.2.850643697.1631304772
.sezzle.com/ Name: _gid
Value: GA1.2.471208588.1631304773
.sezzle.com/ Name: _fbp
Value: fb.1.1631304772937.1426208176
.sezzle.com/ Name: _gat_UA-72079130-32
Value: 1
.sezzle.com/ Name: _ga_FB5QYFCQBC
Value: GS1.1.1631304772.1.0.1631304773.0
dashboard.sezzle.com/ Name: szl_wpe_sid
Value: 913f141c-138e-4246-96c2-958f0a2f25f9
.sezzle.com/ Name: _szl_login_success_url
Value: %7B%22pathname%22%3A%22%2F%22%2C%22search%22%3A%22%22%2C%22hash%22%3A%22%22%7D
.sezzle.com/ Name: _ga_1MJLY6RLKW
Value: GS1.1.1631304772.1.1.1631304774.0

6 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM(Line 40)
Message:
Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dashboard.sezzle.com/customer
Message:
Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1631304772309&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
security error URL: https://dashboard.sezzle.com/customer
Message:
Refused to load the image 'https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
network error URL: https://api.sezzle.com/v4/users/auth-status
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://dashboard.sezzle.com/customer/login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=850643697.1631304772&jid=639855395&_u=aCDAAEACQAAAAC~&z=473357599' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
network error URL: https://api.sezzle.com/userasks/v1/low/external/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.sezzle.com
bat.bing.com
connect.facebook.net
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
lipis.github.io
media.sezzle.com
o215203.ingest.sentry.io
p.typekit.net
px.ads.linkedin.com
rs.fullstory.com
sezzle.zendesk.com
snap.licdn.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
bat.bing.com
px.ads.linkedin.com
rs.fullstory.com
t.co
www.google.de
104.16.51.111
104.18.22.52
104.18.23.52
104.18.70.113
104.18.72.113
104.244.42.3
142.250.176.206
142.250.64.104
142.250.80.100
142.250.80.106
142.250.80.42
142.251.4.155
151.101.12.157
172.217.165.131
185.199.108.153
185.60.218.24
185.60.218.35
23.218.209.45
23.32.238.192
23.47.222.230
34.120.195.249
35.162.27.45
35.186.194.58
35.201.112.186
99.84.82.65
99.84.82.69
00fcad026277543843ba270b5317d791bdf953c5d2f3b43973544ecd24d49580
04cca78091358bd19fc803d1dd22af5419766b9921a5fd8eb1b8a27a9220eefc
0515aace0267a9f51d900b1dd3d7857da6aca764f09fd5323a16aadb1e7b0cc2
0738d66c142a2a7f4424d809b08d449b3b02acdaea7f7653870cd79ec7550d01
0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
10bc36e1d6b50fa50af3b48d4a3a2bae345733d592b9d5c9b39b5e9977135619
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118074c0ce3ae7f35c22ec90abc477b85a24ab9896bc7ae07c8ec983d4d865dc
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d660ee1823483918997ffb5b64e9a085e47657fab4eb92810eafa3e02ed2ef3
1d82ba1d7493fb7b2d18d371da2a0be15f3df1073669609c73acaad0473bfbe1
203f2aa0c51c33fe0b7de96f1a2ee3778d06baa27b9b79cb43651bd243b2654b
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
22e2037b36515615d60ab5bb486646219d9a2509df36f31a11c9b94ec6f4bd5c
327aaea46813b16c7434f262477933a26ae9a2331278e75b08f7822477adec14
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3b3b1d19b03a7e7221fe28bbb3ec246959d8e7997b9ed6a90be348f7a37347bc
3e5697e5fa2bb32f696c344bef97f6b1837630b291e6182ebc816a8dfb7c7d10
4022a59538c4929ffc401db99b7b3cf9f54915c033374c0590a8692bfd1b6d23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5
4f69c73fe5ae1b337e46a5aa93a7bfc11c05f000b62ed9df44e5cd0d3fad4971
53da964bcef519d8aafb5342205b9fdcaefd60d305fd88da3f9248c7564e2c19
582b999c86cf975e3451523ebecd51377fc79554646a62bb88b1f239ff6ddc39
606e4ce1757f0a0645092c0262e70006a4c64b96251b7e170dd155029c75738b
63434d17aa8f991199611e64bfc195a53a5e1b0b3f2201d47ceefe6cb88cb398
64334d7cb5554ade320e458be83b6093f963bdc54496724c6caa4f58066398e1
644ba52f79647c004973532401c0769eed90b9f8797a26397fec05c1bd01a8f5
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
6876f84f6ecdb4e9abc8810f8c6fd73c122d0038bb8902ae8eb8f9332a41563b
6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474
6eb2c4435e417790d5649480d79dce0b5d6c5c1d4cd818eef4f7595bfdf44a4f
7cb976af08fe874ac099b417f488fa4201709a8d4b945819f84cfb76986ef965
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c3d0be5853811eb7a54321b76b0b0eff3d0887afd80b9f6ad9e2efe1caaac1
8d29352d4d1c803fd2f2d13512a76ceca4c092188a237d54fa42066baf0db4c7
901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460
96a83ae255efeca137c915b8073be91f113ccb1f80d439fea668bddcd8186c28
9826c009e36fe0da5e92e5b2c8ec5d924a62d7a0908afb22ae775930c6f4c941
994d8a01cba7752214b561a76a7b923ab38b7fe0fdef9ddd23c6c23e29be3f88
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7
9ed960724bbe2cd29bd0efdd4876c335f45685fc3e28e3370e0468ef080e40f2
a31de84a80c73bb3e6f58fd412817759440f8d54192fb95c4011dce9a1619a95
a4dfa9d6961e54844ce45f857c989c61c46ea5ceb215bd05e083a2d05956628a
ae949df069231c45bd6624d6f5d5b436c4e7a75cbdbb939a564da959e0cf501c
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
cbb6429c652e5da628b9ebcc4ed35d8b104d1b9696496d924fa661c139fe49dd
ce3d5a8e199cd958fd8087f01e01bd9250a869c3ff266876f91545d140062d24
ce64f71999c236872b963fb77c5ec92f1d99486c7cc5b52bb6049748d6f1e4e4
ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f129590eb4922e2dcdfaf0ddf0f626303dc8353123add4dc95a3f30b15277567
f44de1a5cec18b8dc2cd30e2956e0ba2c2d0c3c505f301b12aee9d629bdcfe62
f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c
f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d
f9cc0376172dcd0b1fdfe5281aeacf14182def28e305e4705b941cfb5bf96f14
fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdf5d5c34251cc6c51ccd606bf4ddeb3767eb5ed9fc5370d503e5c184dabe3f5
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3