dashboard.sezzle.com Open in urlscan Pro
2600:9000:247b:ee00:5:2c64:75c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sezzle.page.link/premium-signup
Effective URL:
https://dashboard.sezzle.com/customer/premium/signup
Submission: On March 10 via api (March 10th 2024, 10:22:24 pm UTC) from US — Scanned from US

Summary HTTP 265 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 17 domains to perform 265 HTTP transactions. The main IP is 2600:9000:247b:ee00:5:2c64:75c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com. The Cisco Umbrella rank of the primary domain is 708099.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 24th 2023. Valid for: a year.

This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
161	2600:9000:247... 2600:9000:247b:ee00:5:2c64:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:210... 2600:9000:210b:1800:1a:9a9d:1e00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e0:... 2606:4700:e0::ac40:6206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:900... 2600:1400:9000::6875:b613	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:900... 2600:1400:9000::6875:b609	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
22	44.230.34.124 44.230.34.124	16509 (AMAZON-02) (AMAZON-02)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
5	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
1	44.239.107.15 44.239.107.15	16509 (AMAZON-02) (AMAZON-02)
9	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
265	24

2 2607:f8b0:4006:817::2001 (United States) 2 redirects

ASN15169 (GOOGLE, US)

sezzle.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

161 2600:9000:247b:ee00:5:2c64:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dashboard.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:210b:1800:1a:9a9d:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6206 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::6875:b613 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::6875:b609 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 44.230.34.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-34-124.us-west-2.compute.amazonaws.com

api.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o215203.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sezzle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.107.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-107-15.us-west-2.compute.amazonaws.com

geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
187	sezzle.com dashboard.sezzle.com — Cisco Umbrella Rank: 708099 media.sezzle.com — Cisco Umbrella Rank: 33782 api.sezzle.com — Cisco Umbrella Rank: 269328 geoip.sezzle.com — Cisco Umbrella Rank: 481780	2 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	712 KB
13	google.com analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2	114 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2184 ekr.zdassets.com — Cisco Umbrella Rank: 2517	216 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1215 rs.fullstory.com — Cisco Umbrella Rank: 1199	280 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1405 ka-p.fontawesome.com — Cisco Umbrella Rank: 3225	146 KB
5	zendesk.com sezzle.zendesk.com — Cisco Umbrella Rank: 342913	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3911 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 561	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	370 KB
4	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 7749	93 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	406 B
2	page.link 2 redirects sezzle.page.link	1 KB
1	sentry.io o215203.ingest.sentry.io — Cisco Umbrella Rank: 546220	324 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 3828	14 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4631	12 KB
1	rokt.com apps.rokt.com — Cisco Umbrella Rank: 7585	19 KB
265	17

	Domain	Requested by
161	dashboard.sezzle.com	dashboard.sezzle.com
22	api.sezzle.com	dashboard.sezzle.com api.sezzle.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	dashboard.sezzle.com www.gstatic.com www.google.com
8	static.zdassets.com	dashboard.sezzle.com static.zdassets.com
5	fonts.gstatic.com	www.google.com
5	sezzle.zendesk.com	static.zdassets.com
5	ka-p.fontawesome.com	dashboard.sezzle.com
5	edge.fullstory.com	dashboard.sezzle.com edge.fullstory.com
4	analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com dashboard.sezzle.com
4	www.googletagmanager.com	dashboard.sezzle.com www.googletagmanager.com
4	fonts.cdnfonts.com	dashboard.sezzle.com fonts.cdnfonts.com
3	rs.fullstory.com	dashboard.sezzle.com
3	media.sezzle.com	dashboard.sezzle.com
2	stats.g.doubleclick.net	www.googletagmanager.com dashboard.sezzle.com
2	firebaseinstallations.googleapis.com	dashboard.sezzle.com
2	firebase.googleapis.com	dashboard.sezzle.com
2	kit.fontawesome.com	dashboard.sezzle.com
2	sezzle.page.link	2 redirects
1	geoip.sezzle.com	dashboard.sezzle.com
1	o215203.ingest.sentry.io	dashboard.sezzle.com
1	ekr.zdassets.com	static.zdassets.com
1	utt.impactcdn.com	dashboard.sezzle.com
1	websdk.appsflyer.com	dashboard.sezzle.com
1	apps.rokt.com	dashboard.sezzle.com
265	26

This site contains links to these domains. Also see Links.

Domain
legal.sezzle.com
sezzle.com

Subject Issuer	Validity	Valid
dashboard.sezzle.com Amazon RSA 2048 M03	`2023-08-24` - `2024-09-22`	a year	crt.sh
media.sezzle.com Amazon RSA 2048 M02	`2023-05-03` - `2024-05-31`	a year	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-14` - `2024-12-20`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
api.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
sezzle.zendesk.com Cloudflare Inc ECC CA-3	`2023-05-30` - `2024-05-29`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
geoip.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dashboard.sezzle.com/customer/premium/signup
Frame ID: DB814BF19732760E6F5ED6F003E7F909
Requests: 219 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Frame ID: 461E5FF7DBEE1FD6F2AC54F518593456
Requests: 10 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 7477E59A2B1619E2FB0966221D559991
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 8BFE26FCDF06B303C91F0DF49154E4F1
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: E3271C65834B2FF2F0205E34EBA39699
Requests: 1 HTTP requests in this frame

Frame: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
Frame ID: 44B98E0082E3E788083869D70AE5BB96
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=QquE1_MNjnFHgZF4HPsEcf_2&theme=light&size=invisible&badge=bottomleft&cb=pbh3wiuj1ocf
Frame ID: DBA6A071DD7A2C7834170A3B4FB72261
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
Frame ID: 861A4BE42D1E56D13BEB06B8E16D1AF9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sezzle Dashboard: Welcome

Page URL History Show full URLs

http://sezzle.page.link/premium-signup HTTP 301
https://sezzle.page.link/premium-signup HTTP 302
https://dashboard.sezzle.com/customer/premium/signup Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

265
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

26
Subdomains

24
IPs

2
Countries

4434 kB
Transfer

10337 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.sezzle.com/user/en-us/
Title: Sezzle User Agreement

Search URL Search Domain Scan URL

URL: https://legal.sezzle.com/privacy/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sezzle.com/
Title: ©2024 Sezzle Inc.

Search URL Search Domain Scan URL

URL: https://sezzle.com/contact-us/shopper-support
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sezzle.page.link/premium-signup HTTP 301
https://sezzle.page.link/premium-signup HTTP 302
https://dashboard.sezzle.com/customer/premium/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

265 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signup Show response
dashboard.sezzle.com/customer/premium/
Redirect Chain

http://sezzle.page.link/premium-signup
https://sezzle.page.link/premium-signup
https://dashboard.sezzle.com/customer/premium/signup

7 KB
5 KB

597ms
337ms

Document
text/html

2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

eb7bda1521ce7727b7ff2ebf50b0b2d8ab48340e13c5be92a8460c4ccd63e317

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=600,public
content-encoding: gzip
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
content-type: text/html; charset=utf-8
date: Sun, 10 Mar 2024 22:22:14 GMT
etag: W/"sa01515a3"
last-modified: Thu, 07 Mar 2024 22:29:25 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-id: 2nSoCCeezPyol3eDqoObAHQUcO3orHNzTwrP-s9NZbYI18KBgJzjMg==
x-amz-cf-pop: JFK52-P2
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sezzleinc-test: test header
x-xss-protection: 1; mode=block;

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-By0dm-KW66sjX84KYJy9Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Sun, 10 Mar 2024 22:22:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://dashboard.sezzle.com/customer/premium/signup
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sezzle-legacy-5.3.5.css
media.sezzle.com/style-guide/css/ 120 KB
22 KB 248ms
63ms Stylesheet
text/css 2600:9000:210b:1800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sezzle.com/style-guide/css/sezzle-legacy-5.3.5.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 13:58:18 GMT
content-encoding: gzip
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 37706
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 15:07:41 GMT
server
etag: W/"eede49ea943b0bc51703fd902fcaec8a"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: TyXacCV1x1HBI7Iwz0CAuqmngm9sVIGbjkqzgG2r-8XdVN4Vqs0wCQ==

GET
H2 200 satoshi
fonts.cdnfonts.com/css/ 2 KB
741 B 406ms
131ms Stylesheet
text/css 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/satoshi
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8776331
cf-polished: origSize=1959
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 08:30:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTxMd5eP9hQiR7FUZg6FsZ5RAbD42RupXr1VFcNH6pEeZ728PCinWQgAbHlOqNJQBNpqTFr0eTfvMvIhkwq3GBOZ4rscXBdfZrTayQi05rhT03vgYnDwD0q3rD2TG8t5xLxUuLb%2BxrljLjI30GKjqy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8626b3d11f4b2369-EWR

GET
H2 200 launcher.js Show response
apps.rokt.com/wsdk/integrations/ 77 KB
19 KB 273ms
68ms Script
application/javascript 2600:1400:9000::6875:b613
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/launcher.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::6875:b613 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 21AVFG0X7KDS1DGC
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18855
x-amz-id-2: 8gIbmrzK+VkGi3M3QvoSwpRo9nSiWak85954YBaWLry8dwotOB+49ZVAjgfyHzdFvKlnMQ3u104=
last-modified: Fri, 08 Mar 2024 00:55:33 GMT
server: AmazonS3
etag: "d282095455d54b6ddd5f00cc05448436"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 e6012efc1e.js Show response
kit.fontawesome.com/ 12 KB
5 KB 404ms
161ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8626b3d1399f8c7d-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7uFqcIVRMLAsBfAEU8h

GET
H2 200 27e625c41aeff55daf35.js Show response
dashboard.sezzle.com/customer/ 10 KB
8 KB 95ms
95ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fc215cf0c2fe0d7147a1dc3f2efd0a0cf0d1814191d3b6cfe8a67a0eb6c9b2a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wWapfsW0EhckENR4EFEf9LGN1IkyOlt7
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"c643eed3f605a933d0d02a8628c4564e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 20D6eXV9vJSwpTStWN56BMD_ncWKTWIHUOoPJ01MhHDmyadGT0lkCA==

GET
H2 200 1a256f2d971cdf513dde.js Show response
dashboard.sezzle.com/customer/ 121 KB
56 KB 94ms
93ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xq7hhY3qNuQWQ_IrHzq3Dzer3oTLs2O7
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:20 GMT
etag: W/"ce951a0b55d48e8e50b8f44e2b3548b6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hE7H-gKGtIomAU4LQnDFIkHIBSj0DCRoTbKSwmEuWHWcuiOexBg4CQ==

GET
H2 200 5f2ac3972abfbd68e212.js Show response
dashboard.sezzle.com/customer/ 44 KB
15 KB 94ms
94ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5f2ac3972abfbd68e212.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: u_4axubMOjXYhcA.15ClmWWpHHw0akUR
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"851ab23630c047782f7829decc162c01"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: W978symZCW1AoSfD3YRIBhP2lMzKSd1iv_6KJCtAlXEneXAOF_AUkQ==

GET
H2 200 43b66ae0e58e97f5166c.js Show response
dashboard.sezzle.com/customer/ 66 KB
22 KB 95ms
95ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/43b66ae0e58e97f5166c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: V67dSfDIvuRGEBRV8Hi21_nglviG8zoj
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"05e3c200baafd8f7ce776ff3d328d226"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RY0eEgAFp0khq8QwuCUHhkvekpab8Wr1p1yVodZ76Wua5b2gagBqeg==

GET
H2 200 e14b8c01aac1fdb51cdb.js Show response
dashboard.sezzle.com/customer/ 37 KB
13 KB 95ms
95ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e14b8c01aac1fdb51cdb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ja_pW8lOOqwn7sY2oGoaX7r9ZBuBFxeu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"12729470db7f7d594a19697cb023e4f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FbnIqpUiiQxkCYfI6K28KE1U5PdSASPP4W1lQkzcp_UyYMr06Dgpqw==

GET
H2 200 80bae9c390090021a0f1.js Show response
dashboard.sezzle.com/customer/ 169 KB
55 KB 212ms
212ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/80bae9c390090021a0f1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tPyYtgHD8A8MjZK6WZ2Jkrw.uy9Ay9Nh
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"a29c68cfc03011d191c67a36a47e3c6c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 9TJ6-x57EaN5bcsyD6p1q5-Qzacis5E8z6o-ZsImOYd6WEDcf2pm1Q==

GET
H2 200 e02d3d5a53be08d3964e.js Show response
dashboard.sezzle.com/customer/ 30 KB
16 KB 210ms
210ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e02d3d5a53be08d3964e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AEyzhUqc4TKybTF65QX.y5s5MWzAozjZ
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"695895a7f31ff3beb7d8f1925bdb882a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: B8sAWufYdsvDbJXJwHCWnlTHoa04tgQ_apRGLcGfDqz-cAlPFBhAZA==

GET
H2 200 be3a9a570e455b866bd5.js Show response
dashboard.sezzle.com/customer/ 13 KB
6 KB 94ms
94ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be3a9a570e455b866bd5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rW2MO_8cc.5MnpXVvaC5A_m4kKrPJRqV
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"e622c88365d8fa13ade95e934bf9738e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vQEMLKesIYhFh6hvgA6g5W08loIImbuKtN3F6VvDdQUY8iRab-Gs1g==

GET
H2 200 c0bec519dabc8742bd4f.js Show response
dashboard.sezzle.com/customer/ 14 KB
8 KB 229ms
229ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c0bec519dabc8742bd4f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aeanz.ZwVxpYfUR5BAaOIVHJUFC3lEEK
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"ff4e9b15c2aebd913ef9967f8e5c58a3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ppsiMGGReg6Sw-OHX5dUf-p_JSEucQuC9KITSc61-ihJLaa9BLkAPA==

GET
H2 200 269f6ffb02ae81790952.js Show response
dashboard.sezzle.com/customer/ 58 KB
20 KB 230ms
230ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9EJBDd6o3tjcSv1vSwnaK6uP5b6uh6x3
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"b896b0503f2af94aeef289aeeb816a23"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Dwo-pdT3dlcQdyx2fcckKLXaR5jTPPGWxYTnx5pnhVXNt1KcjAz8rQ==

GET
H2 200 ef8efec8169f7dbef07c.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 280ms
280ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ef8efec8169f7dbef07c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

96987d15cdaed054d226578136f46cd4e6f2c0fe70f360a77ebc1821c4b796a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: etkr8CODaAwTnJ.3yi55JZFXu1EY1_Ny
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"d62139fd1b5bfd1356d4044d4ab0a0e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wv7dsAt0ZCepvx_1XGBqOOKlOk2ig5VA_dvDcU7CePRaS4F8p10gng==

GET
H2 200 1f21e1d5495b0d2fbb0d.js Show response
dashboard.sezzle.com/customer/ 49 KB
23 KB 281ms
281ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f21e1d5495b0d2fbb0d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8G5eM_LOoEgxuOmLRdBQLWOMo_cj_EP4
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 761
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:20 GMT
etag: W/"e1ad74a558591ec6da2f48ebaec8619c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -986TG90tbzI4En_68HXKZHyMOtca6KOvPqlr67SEE1AtVvatmi1bQ==

GET
H2 200 dba21c409767f4c222d0.js Show response
dashboard.sezzle.com/customer/ 15 KB
9 KB 277ms
277ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dba21c409767f4c222d0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Y2UiwNifRSik2ftdVIx2NJSjAZCB74W0
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"71a283f0bd09929420eb42c943d2aee0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HDrJ9VjRNBKcxc0W8gMXvW_WvX8pwXCkIvKbUNRd3rEkAcVYxHxXCg==

GET
H2 200 d34ed654a54c7f7c2879.js Show response
dashboard.sezzle.com/customer/ 45 KB
20 KB 286ms
285ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d34ed654a54c7f7c2879.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 3cf8oVIkncZd8S92fGMZld_p5NobzvMS
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"372139d2b2cf8f6907452a839ce3ce7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ok4bsFHBCfLTuDV4JoT5KsTH3uwKArcs3P_IS5CJ9aK5wbEva5l33Q==

GET
H2 200 cf61b0190262999540fc.js Show response
dashboard.sezzle.com/customer/ 32 KB
15 KB 275ms
275ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cf61b0190262999540fc.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qqHDBbSCcIsPnmUDMDM0mKXFUx10cLC6
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"3ef2bebf8f0a6c92cf04e08f9be94d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: P5wpPBlX5ZWSOUf6tXK65P3OGXOkiLgyzyDDXZnoR3Keak8u6jM1Bw==

GET
H2 200 294199fb500e225f76d1.js Show response
dashboard.sezzle.com/customer/ 26 KB
13 KB 330ms
330ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/294199fb500e225f76d1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RhpgIwz4sLgVFkLnHL_DaL3h9maNG4B_
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:22 GMT
etag: W/"c30a3cad191b1adab2709c5df908b663"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZKpCSMdIOV1Xr6H-f3snjaQ4c6t23p6lvChlIQ0LlZg7UGe93n3fjw==

GET
H2 200 ba48324d348fdfd3de19.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 280ms
280ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ba48324d348fdfd3de19.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wq2wAk0IzRz_kBa9vfuEKQjzZHNPW5k8
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"8246c443fd9c0ef91e582d500b6a2073"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jhO75b6MHRVOJjhB-NZ6jhPwyd0U3xJ1hMX0yX3DNc0YwjyTUE463Q==

GET
H2 200 20b8c23fb6af2dd22732.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 273ms
273ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: M2CucvsLiqHQdsV.iJytvpY1gELJut5X
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"d3457e3bb1fbbee2ae7c7fb50e75a2f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: m15lykYUk2gvBSfl4jGWedMpwu-z7bWqqwjlfu_xwgCtlKN9-HbM9Q==

GET
H2 200 16c09ace82ff2dfc6fec.js Show response
dashboard.sezzle.com/customer/ 54 KB
21 KB 276ms
276ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/16c09ace82ff2dfc6fec.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WJBSy8cp9g3LWMJpfKZ.QbuhWrWFCx0m
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:19 GMT
etag: W/"9b95e5a5bdc30a0d8170ec5d7a544ba4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3G5y8pvJxYVZ5cx4iy-aQH3-xdMYV7-wLfOvZA2f3HPS59PpLUV-dw==

GET
H2 200 90098e8a2959c4750940.js Show response
dashboard.sezzle.com/customer/ 56 KB
23 KB 333ms
333ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/90098e8a2959c4750940.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a5033354da27c609baad2938d42e8198de11cbe83dd666c5997343833f9bc005

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JzUDF.4.CLf4kccLkCME8bNwMtWccXqS
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 225
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"2b79b391f90142d4a1e95114d7d109d7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 9YHrLTpzPvJG45P7D4BV3L58HTvnI7j7YnHM2cwaniJlsTqlewZyCw==

GET
H2 200 71b702d49c2543430041.js Show response
dashboard.sezzle.com/customer/ 95 KB
35 KB 277ms
277ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/71b702d49c2543430041.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: YvcvczICtJ1HqLwbC.WSpIebxvzMkilH
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"722d15a0ce497fdd562a3e13734b1204"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3BVGpyMf52iy4xBHeSO-1pPK3RV1zeBFZt-TdVqre8LZYzu2INBHtg==

GET
H2 200 5996d3e883a29e8c4b40.js Show response
dashboard.sezzle.com/customer/ 54 KB
22 KB 275ms
275ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5996d3e883a29e8c4b40.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Stmbrqahq7FNA7G1D.qhmrh6_p0Je4BZ
content-encoding: gzip
date: Sun, 10 Mar 2024 22:13:09 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 563
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"1168ace9b755fdaa31bee8fa950c8422"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ckWYXltPo17ItTGPQgItz_IbGIkhWkgcaHCkSuvXwxnjIiVQU1AQng==

GET
H2 200 7de6f906968d01481560.js Show response
dashboard.sezzle.com/customer/ 36 KB
14 KB 274ms
274ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7de6f906968d01481560.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NeWosK.r9uCZuJgo.MafgycISmAQtNQS
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"5cebdcfb449473308d6f20cd34547d2e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fhDcN4lvW2FNPlkNwI9BtwVPvZ-CMT8vlXSQacONK_HCkmpvk7LByw==

GET
H2 200 61579f7936eb81e43928.js Show response
dashboard.sezzle.com/customer/ 16 KB
9 KB 351ms
344ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/61579f7936eb81e43928.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8tEQc99Z61J78xxAEHzxvz_5i9b6U8c8
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"2263b54c2a6f363537fc3062ae60d537"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: KXFB-OUYj89BwjtoJOaJaoGItkyn5KskTGRPMK7TUWl7CFdg8_AATw==

GET
H2 200 d179d030bcec3ad1bc79.js Show response
dashboard.sezzle.com/customer/ 42 KB
16 KB 322ms
315ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d179d030bcec3ad1bc79.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ospXkW9YTp4sthTAtOo6Sc83M9mlwhQ2
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"38d0002465c17efa1cd33cd87389c560"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: LvsX28Ewf-rTZiublMzxm2ks2RO6ZiFdFAA899qyJCFyJmelDAsLLA==

GET
H2 200 84508b0119db4b8d89d8.js Show response
dashboard.sezzle.com/customer/ 16 KB
8 KB 328ms
321ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/84508b0119db4b8d89d8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WquWNDU.eF5hIzX.oRaecq9WaxPC24w2
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"4ad5d7ff4221ec1e4ca63535a6b2861e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: F8xZ1pHAjdNU2LJEzqqaXyrV9FjKf5PHzWW7nES2A5O7IdnlQwSN3Q==

GET
H2 200 bc6c40607186b8123b82.js Show response
dashboard.sezzle.com/customer/ 41 KB
18 KB 278ms
271ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bc6c40607186b8123b82.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xszzqwKWOvBsUqt4Zf.ITg_VMiBbcJDj
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"e9df12476a87375f0aee34c45d92b89e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xjhrDQEZR7EJldt_tbmUuUk8IcWTv0QgwUS1zGTZtSc-RhzwRjGV1w==

GET
H2 200 aba9eafb2237225c0091.js Show response
dashboard.sezzle.com/customer/ 21 KB
10 KB 280ms
274ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/aba9eafb2237225c0091.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: d5UDH8XNhEEJOxdwF5rPjkBmbNi876VX
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"69e7e26cd161eaa61d2cbf7533fb3795"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pt_9UbHdD8F1IoOolyaLWgKEmKIlr3NvNVBhWuOy2TEltTPKH6denQ==

GET
H2 200 328af461014385e1d630.js Show response
dashboard.sezzle.com/customer/ 116 KB
47 KB 280ms
275ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/328af461014385e1d630.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XukkudJHWxlWOpqhvECh1zptPak5Axgb
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 225
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:22 GMT
etag: W/"3e82368cce7f44c2deb21dae9eca8110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HDrvFk-CU_LQk1B8OjPCwJNWZVYTAs68ssdjIIcFagLTnbK6rpM2ug==

GET
H2 200 f49abfd21510e98e3b38.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 281ms
276ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f49abfd21510e98e3b38.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: G0QUOQJjCACjmqHqInR0s0quVC5dlcBu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"730b1a2493c00d17667ea85a514e2c30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: riUv2lBCPLezJxqZ0K4VjjgIBY9pZms2BkoxcpULl7oQQGlzBodIZQ==

GET
H2 200 4194987c16fe56cf15b0.js Show response
dashboard.sezzle.com/customer/ 32 KB
17 KB 276ms
271ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 1LhKtxtczTwGGRpvdhTauNkWKYvyc8pX
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 225
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"0bd91b5148ec59c9333e41278a4e9d2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0tHadieZeA6looMzAOGHY06RwVROH8kB-r9tmvrTSWEP0CTrB1ZypQ==

GET
H2 200 0c0b11036ab99da64633.js Show response
dashboard.sezzle.com/customer/ 18 KB
9 KB 350ms
345ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: cdW.9Q8zI4Ye75OELGk9yS04a47NjXMS
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"47fa2fb58d7588410598540acbcacb55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: m5f7HT1weUbJHIoMMeH-MBcmH-jjciSkA07TeJsqudIQMI3-9ZAJjQ==

GET
H2 200 3964e75922de7d163aa6.js Show response
dashboard.sezzle.com/customer/ 51 KB
22 KB 322ms
317ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3964e75922de7d163aa6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JNRYa87125Ggvn3Utl3iD50SpxsV4qud
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"1d1e68a5d66ada9f8becb9866ed46447"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: K7r41fBkYyabc0aCUccHflMcuRihUEsfxUPYDJPswga3xXVEWeKjZg==

GET
H2 200 6764fe5af3546fce4b6d.js Show response
dashboard.sezzle.com/customer/ 75 KB
31 KB 324ms
320ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6764fe5af3546fce4b6d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: eLAJfZM2wsyd20rCpu8msW.Wz_llopbC
content-encoding: gzip
date: Sun, 10 Mar 2024 22:13:09 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 563
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:27 GMT
etag: W/"6ebcc518518edc21122366a6670813ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kpEW9i_QPZAQQIqxeapbvDeNTuKnSi-4gMexFZrSdNVUrGGmncemqA==

GET
H2 200 fa29e805517206a42647.js Show response
dashboard.sezzle.com/customer/ 139 KB
45 KB 276ms
272ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa29e805517206a42647.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0e989d9c399122f4e4bf56f0a8c88e7c45f047862e13afd4cdcefca1fb8724e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: eHeoqRm0bF6fjldYxIGBrKGjA4HKkkfG
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"72114db726ec0f15e1b96905568244e3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: D4ICx7S8QeKZFeAYk5wCXcoeFVBOtSR5vDEigBYaM9Bkv8WkxBXX5w==

GET
H2 200 0e9757d9ff6b94c34dde.js Show response
dashboard.sezzle.com/customer/ 34 KB
17 KB 323ms
319ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0e9757d9ff6b94c34dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QOksVWi2m.zEm6msgJEaa9d3dH2XXKX6
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 180
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"006fd4bb37401463eef8eacf9d8c0776"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WC700tpe2V3i3lE4TI7C2LWPek96td-MnIfSZSd0N1kAVuU3I8Xh4g==

GET
H2 200 57f2056474be94426bac.js Show response
dashboard.sezzle.com/customer/ 124 KB
35 KB 320ms
316ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/57f2056474be94426bac.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

28daabfb2b1cb44d1f8d5d041c1991d8e7dcd0e6d9e62168208697c07702eef6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wGxI1WvUMB0Sw2xJvvpXQSFs0vPCNzp0
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:28 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"1c88149bb8377870e46b7b2134e3f652"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: DJo00svoIue6VwJOLPPBp2njl1EzyQ1hcSzVW5R_pmcZOqkyJMdGJg==

GET
H2 200 4478d00a40617c6745c0.js Show response
dashboard.sezzle.com/customer/ 219 KB
61 KB 321ms
318ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4478d00a40617c6745c0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef896e0ef17ff7f7d86cd8cd472546a37cd78f9e6f1a18b8f219405f27cb10ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NlCw29au_eDb0FpHuK9.t7PfWBl92N6h
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"ea958d9804eba321d0c7ceb787d0e212"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EMEwdf5hu5ZfDauRZepbjcMDdzq5n6zyzRw7qtCpKTCvkfoPSaznpg==

GET
H2 200 3166a49e08d388802b5e.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 322ms
318ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3166a49e08d388802b5e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: gQNFA9N29gptkI.2cy.XJRhtCLLBJG89
content-encoding: gzip
date: Sun, 10 Mar 2024 22:09:44 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 760
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:22 GMT
etag: W/"451635eba560a4f045ac3961ed1d5d8f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: i4EyXHiJ3PCUNBgSI0Bik_GSMps7sUTyU7zBJt_kevsHQHrjXrxUsw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 232ms
85ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOpUVXY6Ly5TiPsbobu9Hoc4hL375JHhQUEKURpdNbk12j2X%2FqYSjGODo2dsOF%2BOeiO%2Fqc3jWMQQlmg0DVWPXml5lOut3wI80h2ftQxE0O5Dha%2BbngOnaqtA8C%2Fd9zkPFFYefi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8626b3d0bbd15443-YYZ
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 234ms
69ms Script
application/javascript 2600:1400:9000::6875:b609
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b609 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:22:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
x-amz-request-id: 2YB2S79F7M1AYA0H
ETag: "5a676288bcea03bd05e483bc4ce066ae"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1715
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11792
x-amz-id-2: zv8gjwupVIE8rjvpBDLtKTftzWpNC38nKXy5SoA9M4CleAIvm2p/AV+zJcIejoEzSUvSi4VBbsk=
Expires: Sun, 10 Mar 2024 22:50:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
102 KB 275ms
116ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

153945655b486708fcf13729d31820124bd4fb214487bb98da04432fe5e3b079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104090
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Mar 2024 22:22:15 GMT

GET
H2 200 A4960984-1d8a-4877-8732-da02a6e830751.js Show response
utt.impactcdn.com/ 33 KB
14 KB 249ms
89ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPoXvsypQNnd2rASHNp1NLsYQ0yxvfcVmQKtiNCUXdgMdOkBMlGsw-8u3RkMGRTy7aBPVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13572
last-modified: Thu, 29 Feb 2024 22:40:42 GMT
server: UploadServer
etag: "4a348ce75121a8e6aebfe2e002da9d08"
vary: Accept-Encoding
x-goog-generation: 1709246442676682
x-goog-hash: crc32c=68nVtA==, md5=SjSM51EhqOauv+LgAtqdCA==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13572
accept-ranges: bytes
expires: Sun, 10 Mar 2024 22:27:15 GMT

GET
H2 200 f5e28690-e3b9-4eab-8d64-51d4051e7e96 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 286ms
163ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5b21f4bf351eea6b543452f15a404a7384c5c22e06f6e12c34e8a3fdad9d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8601a29b2ca98691-SEA, 8601a29b2ca98691-SEA
x-runtime: 0.011100
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4a5b21f4bf351eea6b543452f15a404a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VG0veZraZfJHrQX4I6zLQ%2B2rWuy9WAblQMrgk%2BAcERkfsNDBpMxZXeF6yKnBx7kSrC0OETet34ebvOL8JNfJfWb1w9128%2FLy9opoq9wg20v6Y%2FGwKRE%2BKFTUoxBmciWBoo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8626b3d20eab39d2-YYZ

OPTIONS
H2 204 create-session
api.sezzle.com/v1/event/ Frame 0
0 393ms
118ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-session Show response
api.sezzle.com/v1/event/ 0
795 B 552ms
296ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 6cc9f04d-3541-4e3e-b957-bec7d4469589
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
69 KB 218ms
63ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:53:44 GMT
content-encoding: br
age: 1711
x-guploader-uploadid: ABPtcPpvKhnu-_jznPQAkMJi-0vJCvRoU471fR4t2720xFGB8ug0ndlURqyKrKPOajgBLxWf3w0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 07 Mar 2024 13:50:26 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1709819426398348
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Mar 2024 22:53:44 GMT

HEAD
H2 404 version Show response
api.sezzle.com/v3/metrics/ 0
911 B 327ms
120ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=730003d5284375b0d7d2aaf5269e91387f5ca407

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/57f2056474be94426bac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 18
x-xss-protection: 1; mode=block;

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 2 B
324 B 240ms
84ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 ee3a4cbc85099f50e569.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 94ms
94ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ee3a4cbc85099f50e569.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oP8serUW4wfwVDD5f3eivR3ISVtMGpKr
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:15 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 5
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"f94ebe239654d9e05b86f211c6e30eb8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ASotvG-OB_tATjRLQ8lSUY1w6528YONWuApn8rF_zY2XHqiOstGJDg==

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ Frame 0
0 222ms
74ms Preflight
text/html 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 10 Mar 2024 22:22:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ 345 B
424 B 91ms
89ms Fetch
application/json 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0

GET
H2 200 797f8cfae1a2e64f73dd.chunk.js Show response
dashboard.sezzle.com/customer/ 212 KB
57 KB 65ms
65ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/797f8cfae1a2e64f73dd.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

85d890c235b069cc3ba2c5b1ce6380bf44592b7b3deec601ad63736b9c8ec2ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 7NwgdsERIFo69cg.gc_ZkKto3bFpbna9
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:00 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 855
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"e6cc5816dadabb2415935eaf1273a1c1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: x3dGmYL2nc970oyYY2mtwqQnDbRyfcIDtgLq4YHCzmfF3LElh5wbdQ==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 123ms
110ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=e6012efc1e
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8728213
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8626b3d41c818c7d-EWR
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 211ms
199ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=e6012efc1e
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 8728213
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8626b3d41c838c7d-EWR
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 120ms
108ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=e6012efc1e
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8728213
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8626b3d40c7f8c7d-EWR
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 210ms
198ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=e6012efc1e
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 8695997
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8626b3d41c858c7d-EWR
content-length: 1733

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/e6012efc1e/81665541/ 0
142 B 119ms
119ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e/81665541/kit-upload.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
cf-cache-status: HIT
age: 656546
content-length: 0
x-request-id: F7kyQS8mEj6UWmIu20Sh
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8626b3d3fc698c7d-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 110ms
109ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18b96032cd18a7d4ecc4348fb86be57facbb7592538bf9206422be61381de717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 22:22:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 96ms
96ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f717ecd303b82236a919f9a03dbc37e33eb1eafa4aaf754fd86ef5a0f390602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 22:22:15 GMT

GET
H2 200 web-widget-main-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 436 KB
139 KB 96ms
96ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca5ea647188d6456824815a451fae306cbfec45e84c532f58e88c21c5bb995e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
x-amz-version-id: NoZGXivVFad6sjcxal_Ijp_zIAteJX42
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Z3WGVQMA38N78DSS
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UjA3bV/MLtWGg+G2+b0Ia1D0bGu/1fuPVX+alwZtlL++S7cYeiO0qYN5isk3dTyvUWc+Bxte35s=
last-modified: Mon, 04 Mar 2024 14:01:38 GMT
server: cloudflare
etag: W/"8f8af5ca40083828ecfcdfb3dad9cd3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FpvWTb2iGkd5MnAB97AmmiiL40m0ia%2BvDp%2B9hl601CUI3yby%2FPR3CtSbhXM1wHiHa%2FwrH2U1T76EyeJrE1vX8iCTwqYGxbltgtlHXd%2FBc0FptDHM%2BZWZU2%2BnPn5588qgTPkVp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d41a135443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 176ms
54ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1833
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Mar 2024 23:51:42 GMT

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 0
0 256ms
115ms Preflight
text/html 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 10 Mar 2024 22:22:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 624 B
679 B 140ms
139ms Fetch
application/json 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c18300e829b138b1cea8ad083f046079328012033c0e44f4c650d079376d6a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtanMtYWxsLWFwcC85LjIzLjAiLCJkYXRlcyI6WyIyMDI0LTAzLTEwIl19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

GET
H2 200 Satoshi-Regular.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 293ms
109ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10242623
alt-svc: h3=":443"; ma=86400
content-length: 30876
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "789c-5e44d05a18ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQjT5msXJOZy9ftr8llORt5uKDpzhm%2BH3cdyqHU8oXFUAM27cq%2Bb1LtZ0x2eaLDiOo2HkRnx1fbIv34%2FdbEO5iRbZuxMg6WYsCiBUcK9mN4ix7MBL5VKLDY4jX%2BXMr4N%2Fl8ZxsZx4F0hSx7TpMbAsro%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8626b3d5af9c189d-EWR

GET
H2 200 supported-countries Show response
api.sezzle.com/v3/users/ 484 B
1 KB 487ms
273ms XHR
application/json 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-934f49c4766e3d9096112884fba7af87
accept-language: en-US,en;q=0.9
X-SezzleInc-Auth-Resource: dashboard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Trk-ID: 6cc9f04d-3541-4e3e-b957-bec7d4469589

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 supported-countries
api.sezzle.com/v3/users/ Frame 0
0 124ms
123ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 feature-flags Show response
api.sezzle.com/v2/shopper/remoteconfig/ 332 B
1 KB 448ms
272ms XHR
application/json 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Trk-ID: 6cc9f04d-3541-4e3e-b957-bec7d4469589
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-934f49c4766e3d9096112884fba7af87
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 feature-flags
api.sezzle.com/v2/shopper/remoteconfig/ Frame 0
0 137ms
137ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 259ms
87ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je4360v886187776z8810595113za220&_p=1710109334940&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=658592009.1710109336&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&sid=1710109335&sct=1&seg=0&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&tfd=1988
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 234ms
88ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1MJLY6RLKW&cid=658592009.1710109336&gtm=45je4360v886187776z8810595113za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 197ms
88ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je4360v886187776z8810595113za220&_p=1710109334940&gcd=13l3l3l3l1&npa=0&dma=0&cid=658592009.1710109336&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&sid=1710109335&sct=1&seg=0&dt=Sezzle%20Customer%20Dashboard&en=Clicks&ep.cookieDomain=auto&_et=4&tfd=2051
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 173ms
90ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je4360v886187776za220&_p=1710109334940&gcd=13l3l3l3l1&npa=0&dma=0&cid=658592009.1710109336&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAC&_s=3&sid=1710109335&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&dt=Sezzle%20Customer%20Dashboard&en=page_view&_ee=1&_et=2&tfd=2078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/13FHV/v1/ 9 KB
2 KB 72ms
71ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/13FHV/v1/web
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e57d0033b27eed4e25bd8572e25c1352550942e8e455f3aa3eb88c63b1ae0048

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:21:03 GMT
content-encoding: gzip
age: 73
x-guploader-uploadid: ABPtcPrhCECFhG5hE67ZQjNpZ9BbFXHkeKtYLQRXdb787D6OqBVIWtCpsb8rS8CQ1BQjRR0iQ_U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1947
last-modified: Sun, 10 Mar 2024 22:19:10 GMT
server: UploadServer
etag: "3471136ee4690500a7a2610883ca88c3"
x-goog-generation: 1710109149937084
x-goog-hash: crc32c=yZVq7g==, md5=NHETbuRpBQCnomEIg8qIww==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1947
accept-ranges: bytes
content-type: application/json
expires: Sun, 10 Mar 2024 22:36:03 GMT

GET
H2 200 en-us-json-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 461E 18 KB
4 KB 104ms
103ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: jKKgj16E81Y7P._SBG2RPBC9Tc2kVwY8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MM3YDDW42GX9FPQT
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RhAWnJNEpmN+o/er85Opbgm8OSzXn5+eZO/U1IVIXy5THMCh5QKmYR7158AMNT+qdQ3ydqX7XAcFf1s/2y/n3A==
last-modified: Mon, 04 Mar 2024 14:01:40 GMT
server: cloudflare
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqyX8%2BcifFngzjB%2FA%2B48MnryZSmEMcocGWo%2BoO0oAEL8CtnUpemya0fNUb66sdgxefhvSbvc8uf18qcPhhTHfbPC0HqgOT0EYNAU9teBKDfjD9JmhZmyjoXxW9Y1d%2BT%2FvHyvVDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be4a5443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:39 GMT

GET
H2 200 web-widget-84852-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 139 KB
47 KB 112ms
111ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: mGkRK77zS5lYh4yawUvMGfT4dldOVhrP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V40PHGC9BEKM4E
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: dP3pidc3CdqFsHQVW6Fs69OvVZlyC3ccFW1iei9F1K9fhopply/ugwtJMooIRlxGTss0ZVQbPXk=
last-modified: Mon, 04 Mar 2024 14:01:37 GMT
server: cloudflare
etag: W/"d19f02a4d0c4a8500e3d2de6c4f5e6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAv2T9wWAO1ODpGLiMwBYOo3FM8YnB7sQJwRQrp4ntGv5vNFcojL%2FbKaRl%2BNsfSlG44o98Rode3tSMgHdQ0ZSfJWDZV4KngHauAJ0s3jVE2aVqD3O7cp26r1k238QX5QcJ32K2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be515443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:35 GMT

GET
H2 200 web-widget-1327-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 18 KB
6 KB 101ms
100ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: 8p.sJ1E8aiCe1oLZCVAZtOADpUTrOiTI
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V4A4ZKP6Z0PWKY
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yp0xO+rL7++XEHyTTKYWWrk3O8xBPFVRMwabfy0plO4edhJ9xQX7KSTdwWXWObZpKF4NqAfDFug=
last-modified: Mon, 04 Mar 2024 14:01:30 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Bza87MMtBATsqK%2BL7EbFDmGRtsGzZSGDA3bwru5tWdL3eBhtnASu7zplaOEJmxEhG6xgkGSxn0EaPm%2B1RHkQ9Lllk7o6SwQYhUYtPV2vv9twyZ52kq59omH1G3C7mVRw%2BP%2FdK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be555443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:29 GMT

GET
H2 200 web-widget-92795-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 14 KB
4 KB 90ms
89ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: jPEtbIkAgr7cqpiEztg0pOZiRKvDd.yh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V3TZ4QGNFJHYPP
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yFlaUZj4TAaHlMe1Hs7wtqKxFUJgXvfMzbWTv1/z46BuwKinYAGHaWV4y4GacLIwf1sgtvr0YI0=
last-modified: Mon, 04 Mar 2024 14:01:38 GMT
server: cloudflare
etag: W/"0ddb1019371eba2e87775cd507d5bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qNAPKfdUDLjmbcLQhe8uv6P6koiOL1yehytTmx0uxKfJUXjGWpDVPeGvUvlFn13ggsbsB8%2FemFhK9IEGKg%2BUx007b%2Fyn8cx38NQf%2BX%2BwW8YaIWMFJ%2BZFxDpV05jsaa6UOq1%2F3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be585443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:37 GMT

GET
H2 200 web-widget-15178-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 12 KB
5 KB 103ms
102ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: lZmXYOfDIEm2Ja6CtCnwlcied3._WX1A
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5EVANSE4DXPNC2QT
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0pPo0H4Vtoah2ECB+NeIq1Scg3/bKQmins3b+XsqhFgHS8hzf/S4+4bZmIeuv32u04EHwo9YXoA=
last-modified: Mon, 04 Mar 2024 14:01:31 GMT
server: cloudflare
etag: W/"db77198393a490e11834f06f319204f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8LiaBz8MU115YMWbXe721ahidZm9B94xtTimhbEQ0xvSapUAxyM39iJGn8ezwaAKNyCbnybM4zefsgEdsZwxbpIp1uwNPBPLmuS4JSPEMN2A4yqytjZmqnqpHQP6gBwRj8EeyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be5c5443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:29 GMT

GET
H2 200 web-widget-59535-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 461E 15 KB
6 KB 101ms
101ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
x-amz-version-id: tKcwk7_9aIKSrtN.en5uXnGAJYkAqsLy
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V9VRNDD55AY8W9
age: 388723
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: pjIVyZxXgW6BXo4jmuZ73YAELrNgoaidix4bAdy6Gy8u1BMruDQm02I3V9sYcHrsCDJjrFYHrHICaQbNPVEVBQ==
last-modified: Mon, 04 Mar 2024 14:01:34 GMT
server: cloudflare
etag: W/"781401f7f5de09fdd2c7e3f9fa812fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgEgWHsJ%2FavdVacXqneSbLJ00f76u2MXuQw60288vMg5KUBH4U9wNYX091xyCooWFU7UzEi3mGQ4HG7wjxl6mbMK4Dc3mepzfNueC8OZDrU%2B8YRCU1ba4PWCPLXh19YLY%2FT093I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8626b3d6be5e5443-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 94ms
93ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1076643326&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&dp=%2Fcustomer%2Fpremium%2Fsignup&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1507432358&gjid=1303708840&cid=658592009.1710109336&tid=UA-72079130-32&_gid=1087687399.1710109336&_r=1&_slc=1&gtm=45He4360n81MX2HJWMv810595113za200&gcd=13l3l3l3l1&dma=0&z=1293002293

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 112ms
111ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f157a7788c03897b10064583814310a2acf37200f60befb4e7ab0908e93b79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 22:22:16 GMT

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 311ms
143ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8626b3d8a9d9a216-YYZ
date: Sun, 10 Mar 2024 22:22:16 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy6NSgnRiC3Sk2rGoZg8Q%2Fo1cjoSSvSCX2Sj7mrOsTYKroP2ULuzYT2TVSHAIeLvKM5kaXZU1QqZGRygFlMQoe0lcGnWWFOOdI85Sdg8wNKHFehrtdBsotrHJ8OtDb728r9h1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8626b3d8a9d9a216-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 461E 0
0 284ms
284ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BP2txab1Ve2Eo3SQ8mTvagpqsrKSJxpHBVmX%2BscsgY57E9eYEtQCkuLB6dGvKPB9Vze5glJ%2F%2F%2FK1%2BwFuwQV%2FQYtcViNuW4sjjaqKdNET%2B1Y7hy0Gh0MpqPRYeFgElyuC%2BXc4A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8626b3d9ab64a216-YYZ
content-length: 0
x-request-id: 8626b3d9ab64a216-YYZ

GET
H2 200 config Show response
sezzle.zendesk.com/embeddable/ Frame 461E 843 B
1 KB 241ms
73ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16
x-zendesk-origin-server: embeddable-app-server-7b7b744477-gf7jg
x-cached: MISS
x-request-id: 8626b3719e0d36c4-YYZ
x-runtime: 0.001865
last-modified: Sun, 10 Mar 2024 22:22:00 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyhqOSigitFD1%2F6TEAXl7S1GyhFvgvFi%2B1RBZ5nKDGyd04PfA3UD%2F2N8am8w1fgqn8aNoLn%2FysMUCgQZEudJqkALsqcsYnF%2FljQXIp7qb2Qab0pb0FJvjret989ET6ZarKkEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8626b3d8a9d8a216-YYZ

POST
H2 200 page Show response
rs.fullstory.com/rec/ 9 KB
2 KB 230ms
95ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 7b5546c73d7cd484294273bc334adda11daeabe5dc967d87b2039b8af05731bd

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Sun, 10 Mar 2024 22:22:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 71ms
71ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72079130-32&cid=658592009.1710109336&jid=1507432358&gjid=1303708840&_gid=1087687399.1710109336&_u=YADAAEAAAAAAACAAI~&z=506817812

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Mar 2024 22:22:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 228ms
96ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=658592009.1710109336&jid=1507432358&_u=YADAAEAAAAAAACAAI~&z=1566235933

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/premium/signup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 81ms
80ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je4360v874508995za220&_p=1710109334940&gcd=13l3l3l3l1&npa=0&dma=0&_fid=cylyn2J86XzoT8PlY7koSP&cid=658592009.1710109336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710109336&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=2593
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 status
api.sezzle.com/v5/shopper/auth/ Frame 0
0 144ms
143ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-auth-version,x-sezzleinc-device-info,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 401 status Show response
api.sezzle.com/v5/shopper/auth/ 24 B
972 B 129ms
128ms XHR
application/json 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Trk-ID: 6cc9f04d-3541-4e3e-b957-bec7d4469589
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-Device-Info: {"model":"","type":"","vendor":""}
X-SezzleInc-Auth-Version: 5.1
X-SezzleInc-FP: v0-ea6c37ad69531efc7826a3b4917cc2b5
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 24
x-xss-protection: 1; mode=block;

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 7477 252 KB
69 KB 75ms
75ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:54:20 GMT
content-encoding: br
age: 1676
x-guploader-uploadid: ABPtcPpXPsyTga-z9IqWYD1xtSKEjigt7cLRr59W2XVGIwNb3IV8WhreoTFCp5GjAKTRnHohnh0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 07 Mar 2024 13:50:26 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1709819426398348
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Mar 2024 22:54:20 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 8BFE 252 KB
69 KB 79ms
79ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:54:20 GMT
content-encoding: br
age: 1676
x-guploader-uploadid: ABPtcPpXPsyTga-z9IqWYD1xtSKEjigt7cLRr59W2XVGIwNb3IV8WhreoTFCp5GjAKTRnHohnh0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 07 Mar 2024 13:50:26 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1709819426398348
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Mar 2024 22:54:20 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame E327 252 KB
69 KB 107ms
107ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:54:20 GMT
content-encoding: br
age: 1676
x-guploader-uploadid: ABPtcPpXPsyTga-z9IqWYD1xtSKEjigt7cLRr59W2XVGIwNb3IV8WhreoTFCp5GjAKTRnHohnh0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 07 Mar 2024 13:50:26 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1709819426398348
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Mar 2024 22:54:20 GMT

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 132ms
131ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 139ms
137ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 142ms
141ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 132ms
131ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 ee3a4cbc85099f50e569.chunk.js Show response
dashboard.sezzle.com/customer/ 1 KB
3 KB 62ms
61ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ee3a4cbc85099f50e569.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

96df0c35194186cd4ceb8fe22d1722c0462dacf15bb696e6da966adf323bc82f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oP8serUW4wfwVDD5f3eivR3ISVtMGpKr
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:15 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 6
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"f94ebe239654d9e05b86f211c6e30eb8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: c5N6kSvSstuVo26B8mionSO9LLdwIm5-WYqivd5IW9Uu2EL4zn3MLA==

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 129ms
128ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 161ms
160ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 6cc9f04d-3541-4e3e-b957-bec7d4469589
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 client Show response
api.sezzle.com/v1/accertify/browser/ 22 KB
10 KB 136ms
136ms Script
application/javascript 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/client

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/57f2056474be94426bac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:16 GMT
content-encoding: gzip
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront)
x-amz-meta-build-version: 202302_01
x-amz-meta-client-name: Sezzle Inc.
x-content-type-options: nosniff
x-amz-version-id: jAAK0SFQ_qqAud.1QQmzcc7DcvvECa9o
age: 3466
x-amz-cf-pop: HIO50-C1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Hit from cloudfront
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-replication-status: REPLICA
x-xss-protection: 1; mode=block;
last-modified: Wed, 05 Apr 2023 23:26:51 GMT
etag: W/"0b3f30d2c5828913f07f37e867212a52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
x-amz-cf-id: zsVKJqZxJ3dTErQ9EMZ-mtyWYjLBEJ7p0ygehKTIvi_lk517swwNZQ==

GET
H2 200 6ffb02663b0ab45e554e.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 64ms
63ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 4gwXszb3YvE1LO4dzj8Ydwi7vJttHfXU
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 635
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xWNLlho7tJAgjCW0Xd4a8Lzw5ty_cSdOhph2io3ljCMqtMXG8S1Iqw==

GET
H2 200 09bd04621566e437c5b7.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 85ms
66ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Uqi0ZrF4.0hJObe.FQvWpFl6cUpuuAAd
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 641
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JOwNA2zBX9dC9NP6IUQnBOloGMjHE2fTcyM-6nrQ_rM8WnU2cvAGmQ==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 86ms
67ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fCXR33jKjfygjPTdLWgIm55xAxMWiT3j
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 329
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FkCvH5AAEYulA4iWeKsF6SrY1mcw9bDYmVTm0MVVBMq1eyukJo_dsg==

GET
H2 200 fa3ed811783641bef592.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 88ms
69ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pSUYAWsyFQy7vOj9lqzoz8Z5jtr_XKZg
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fzZtJZJ9QOt5aj1RqHxefbOAUaGFkKmZa_lp7LchbnrjC8H3BtX1cQ==

GET
H2 200 af0aa6add0b350681528.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 88ms
70ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qCrNcKyeYTUpM3._XQ3izVkkC9TmBhY.
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 424
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3jr4azIEZBQsC2vTqLgOIw-i5G9f2_euC7iMxqTB4KrzqcSmCSlEjQ==

GET
H2 200 0c2dca37325d4db72119.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 92ms
74ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sSqBOWHHNr2dYZfxlIDcnR1ir7fj4MkW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 329
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: knXKD0jALhtnXe8hRWktKZv1Ixcoa2cCjnemHn3lvQnuDDpct7KW_A==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 91ms
73ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: GQoW8m4AXqbIGI5Ohp28vpwRwpyNawRp
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 678
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ktbfnACykDeRX29jlXLCeedzBo23bM_Okzjvj5GAzOzBGZ8NK62jNg==

GET
H2 200 14682bb3c63cae512aec.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 86ms
68ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: mZpishT1DDnu3RZfgJ55sqEtAUC_pw32
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 498
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:19 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WK2JgcBqIX1-MBoFrqGxpRYiQsVPQIBZ2P4LVF-WjhDah0MiHCwE6w==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 86ms
68ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CdBZ1gky4JhOjU_j7t87D_tDaZ0mUjor
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 73
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: irCYe3TqA1BCa2cD5cSbpk89Ndqu2MIU4h7UM7jksaH9Mmp2a_YyQg==

GET
H2 200 5943a84241d36f5283e3.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 86ms
69ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fAamUgThwkGHjpq3V_hcRHE5EZau12hY
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 73
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: j4ad6-T15hx5WoSQYozm3ux2JWbyr2S6RksTYw-T10gNR2H6lGuNQg==

GET
H2 200 dbbca07b740328687038.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 153ms
135ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lbAa4yKm6.ufc1eGZ9eqwXlzr15Fnlim
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: H-07K4JzAKszmeLXTXh71hU5zB6oqdGmcgm3AY19qhVVGb46oTSBbA==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 154ms
138ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hUKJ0fAyhnwM7gn6THgaZ2YEFnqlx0T8
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:27 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0IS23rkjD_GGghuUTPTLkINlykw9y2kWzrMBIN0rTDV5wGSFonS7Hg==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 144ms
128ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hjzwxbd1MXo8XHdTqTA6QEA1u0qEH3HW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 679
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: f6GQSphhJszPAILyvuvOlj1NksJ4TrNToal5oXOPJOsTnrMIDlCNJw==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 141ms
125ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .d4hZ5tHJ6UuMdNn4ur5HQYayiteQBM7
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: PuXcaGrYZ1gRkw1E0vsMgZstnRA_Qu9uDYOYFs-Us8Z2yQhjFyqf3g==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 143ms
128ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dsQ4L9FLdOT_lihgUqLo5S8z_BGKR4EG
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Cw2TuNKGQPXOwM_HKNqUDV0S85W_EZQ6WmCaPCQw6zY0kNVXaftruQ==

GET
H2 200 8811832d6a39201bc198.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 144ms
129ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z1m5AtMoh9lzfWvMz5LWp9Sc8jvgZ9IZ
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TIzGyMR-2dVVWD_idSi_BgUASp8QKQNerrPJFmfKBWOrRh06_IdQ-Q==

GET
H2 200 4760ba3062e72a347205.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 141ms
126ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Lv6N2ro8GM6aVqGqv3IXLXFrQG.uKgM
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4sFt9vAyoNtEqVwx7hxW_TvZE8ckETr8Y9Z1UwK8EzDfvh-1fAIf3g==

GET
H2 200 4264c93c1d764c35847d.chunk.js
dashboard.sezzle.com/customer/ 0
15 KB 141ms
127ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: KMlAtUpj.AUHB84gspDdv5Eijm8J6Mbu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OlH4Hblxu0a60az6QHpmxy0NZ7YRBgXRQW993oW8GtXaFmgvlTNt8Q==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 145ms
130ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sgb.CXPVarvpyJiSESHvJJRdvJRwJ.Wg
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: W-bccMkfLt6U5pkQoKz6SHqCkoQ1bZ8UNm3nEpak-kzVz3dTjrhw5w==

GET
H2 200 9e95813fcc803f7dd100.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 144ms
130ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: axx4oS5IziEij4FU7lUY6RWn20HZUFXb
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fuMgZQPMAdvkT6sZJLLnfalWTdbNm6RaWFeo9VbV012WfTh83rU6zg==

GET
H2 200 9fad61294dfc4b014954.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 145ms
131ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dHdhSmpdrJ4mU.4GqpAXNppm3e6Q_ZVy
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _wYiD0b_Ej7C0IpnoMyhGhBTYlLmYcyIT53BzvAgwh99RyEqyBu45g==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 142ms
129ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: REzt7sp7H7ic6sH_cp3R6IXZySm7yfXR
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4qx8T75XuxchXMTgdWLprCQ7-K_c5uTR1okW_Ki-IelhUfto8eCzug==

GET
H2 200 0d01b350befed2dee3f1.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 168ms
155ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ndg22zjDWd01FiEi5JWxll.dJCJNX1HW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VEXBcSBYkzqJqhxydgWkenkZ_ieTEUTofzdvg8qB0ZSCSJIruH64WQ==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 144ms
131ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hv1m2mQFIcXGYjHA1ZXLovDdJItBZy6Y
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 59
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6BoEggRfNeQMOtVO2DWXwW16qVI2ZobNPi0ndwqqaGlvTbkZZKxkuQ==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 146ms
133ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: P_DGYxG4sl9fojWqi8DdDNvME3vtSn95
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: aKwBkUDu-yUwc2ynREO_YCi1bF8aMErmjx377-qaQJIr6ImcSIk4Dg==

GET
H2 200 8234e2dfceaefe948816.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 149ms
136ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: n5yzJ6hbsuNRv0490aAfhbT6fkzTN5Zz
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YyLN8H8F2T0f0qr5rjk_AZFqfDrcXRJJpZHg9p2rbowecySwdJjj6Q==

GET
H2 200 a097f2bf8c32774866df.chunk.js
dashboard.sezzle.com/customer/ 0
8 KB 145ms
132ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XNMlqqv2HxLd1xQNxm6BQ9VSNUekbuTb
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Xg_MaxktnEWnmlO9sLDq4S0Cu9IgItaA759vY5TWGLLZXZ4d6fvAvA==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 147ms
134ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zzJHPjP.2XQltrEtex2.8J1vPHYNSbkt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 700
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fW_yBo6NpD5ld067270zO3pVhhHiOpcsuvkHSN1wjtUfaVGLjKehcg==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 169ms
157ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TxWeZu1IDRqJPq8VSnPk6fMYh8W1WxM.
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IhxXEJk3OmI9DVI1UXrJQOTL0bhdG1lISiIauhpjcSZOh4Q1Q4Ymbw==

GET
H2 200 4508149fd282227b8d0f.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 146ms
134ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yqWigl5EPH7D5yHErrX25JmSi0aaNSBu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hKMr6DkAab3GJp-xEUCvCtZNJfFoD2OPn4TR6rWmQSUOXhNpzS17RA==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 147ms
135ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: l23Nci5XcM6HM9frIvkIzsWriUksfcKL
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:20 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jOQbafM8icmjxGi9zso6w_xkRdxMfGW7b9pxnclL9qzeEbvYUDYF9A==

GET
H2 200 a98d1424cac4789c93a2.chunk.js
dashboard.sezzle.com/customer/ 0
29 KB 149ms
137ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QTaYy4XqBXSsdze9wNVv2aaZnkd7uNPf
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WQsifki9HiJHIJwmoZeQs_da4zUzSb7dZioVjnKGOYxvFHU58TIWsg==

GET
H2 200 824d6f85b144437f289b.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 150ms
138ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8sDVpVER1fZZ_aTOan_yUe4B6XmWjsCc
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jcpIcIXu8YlIuYhDci461frHX4XprdQiag0AyIoRmBdc2nhzE8PAGg==

GET
H2 200 14be24bccbc068111182.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 148ms
136ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: q.tipWlI3WM1eGhEtjDIubTXB6uuMWBo
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:19 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tJsPzvIAMnobfe5iEqmPqWMOh5hnfez27pKHhX7Q0yHVhJdl6d8SfA==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 167ms
155ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: irw9yqIVjnylT0PUDqHCNKtnOmWAsl6R
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 2
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bCxv3zyU5StKLe0LkoZMk00OkrD1SFlYiBg_hmIN2MtK_rdKonJxGw==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 173ms
162ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xINnls3hNhuz60zQrWobmLh6BX78yDrT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ba4k59Vuel5Oy5tFNWA1ziTbmxSgJJbbqvxZWRrR-HOwu_a8-5fF1g==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 171ms
161ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: e6Qlr7knDM7mP28ztzWYhOAaKw0ed7Dw
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: oXHPZwAvWFCoKHrIk_V90L4--bRJTDgdNL8F89-EC_exfuTdKjL2Vw==

GET
H2 200 d3e0b27b541a88b56439.chunk.js
dashboard.sezzle.com/customer/ 0
21 KB 187ms
176ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LKije0zQpXZPDmIvCW3tiXHLaXxh8nln
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Yyc5f65jfqvoHvXvnCcDa1YybdWGV9NeLuOPHlS1eTZ2o4gk-KafGQ==

GET
H2 200 95752ac49145b73483d1.chunk.js
dashboard.sezzle.com/customer/ 0
16 KB 179ms
168ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6gPPxRgeRbhOPZxK3RMhgatj4Aeb_81c
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bIEtgXNZMfPTQBwjX1oV2S7Z7Jzp7LAGVLsc3ZMMSfWOIQvot8dGdw==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js
dashboard.sezzle.com/customer/ 0
6 KB 172ms
163ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vjlzF008xdu1EJpBddsXYYO_GshB4qXT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:22 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tQqx7dDjd0J6iDptaddJJtz57sr1ldlOUbQ2THpjADWN-J7FpSMH9Q==

GET
H2 200 4aa5798b018517a651a0.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 171ms
162ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9YaJm5yvOsNvd9WPiTgEhSGdYS1DnWOt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AYwMDbhF_pRFZexgg00Qzp5YBY9RXGG7h1D36gPDFpT5ek9GrUbDHg==

GET
H2 200 3f4aba9f5964d1741939.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 186ms
177ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: IvT6rpbGaN7peaApnmZUVsYqZ8FPOYYR
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1yAVAz6fA4-y5MnZzMMqxAELMh1skiVJ18ODJJ8G5hDzP_nbAN7qBg==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 176ms
168ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QFr63Q_pyQSE_5IXarZTr1zWu7IZO3Mr
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nH3FALw4ecWMldcFuvCBfwy4Mio3oyyTsJOig_LEQXUhz6834RWvLQ==

GET
H2 200 4a0ba63f290972189691.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 182ms
174ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: cTkyvUdi0IlUc7RkpbDP0GHc7_aIqhro
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lIE7WTadAgb9SJnebsXfg6p9bIblYV_O9qNKsBGpmyVB07mCVbJ5vA==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 179ms
171ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hfXSxmY6xW8dSRbjB8qsDfELUqjgjeJt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:27 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YdELKJV6Jozh10OTwQC6dxv8vobCbrci9UESImFgX3FyST5TBAkbJw==

GET
H2 200 c5b620c163f3b359d753.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 180ms
173ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8vYyX3kctQoTwOG6mTiltsHAWK.B_qqI
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: XbdupvRXeYCmOBoI7GEjVFixP5J6SRNNkg6hUTFkWsboT5Fh71z5Mg==

GET
H2 200 b508ebff5126e8474986.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 176ms
169ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dQ1v0l.huW0QIsiO35Pif1afSI8gNYVG
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _IiWj8DGg3g6Ln2Ly-706skrjazVyW_gxUccD95o5NhUx6CIan8h0w==

GET
H2 200 95d58c447de1b1125092.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 178ms
170ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 7tjPggk1YIW4tPNmmGuztkyjJEAnrfKl
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: x3QgPpDdXi1d0kWMC9MchYL01ABIGYdlYYyqLSqAsdGEEk4vlVIeLg==

GET
H2 200 94376e38e631783ec8d6.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 177ms
170ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Z6D1ikKSpYrlkNO94nVDZrgxCwVGsRds
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: noBqHJZJNcoSTLo2dzsR7Xbqu_FwgLGmRoel0bl0DdTesQFAKZ00pw==

GET
H2 200 8e0a43f0256a3165a631.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 187ms
180ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WgWPGJAyOZQTGcf0otnw8UlrqbtAnwLK
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 2
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ckqsfnub8cthH1r-73DmaX-2sfr1eAer451nONohKDeWSDaqU4tH-Q==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 181ms
175ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: il0OtLNjO0sq4HohqZYoFZJcfwFUEk3E
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dQFSvalA_9INjVQ-EAX64yFOUkMyN5Bd9c8fA3QSJy-1yNyjPLGLIg==

GET
H2 200 27fb5d991e982837bbb5.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 178ms
171ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: uMhvsE2XOsVRWLQVwhA5UnEeZN99iAuH
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MKcd31mlIM83Cm1MZnolfTof6DGMNJIpxIzSRqGqAK1_h8R8R2msiQ==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js
dashboard.sezzle.com/customer/ 0
22 KB 182ms
176ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: mLoIb_E0UDytemSC6Z8zWWcC5OkCmWpA
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _lEoL203c28eCLszvkwlFz9lnZ6hsGnCOUsJouOptwUoOkb4Iv4vyA==

GET
H2 200 610164a2e172e3e4da56.chunk.js
dashboard.sezzle.com/customer/ 0
41 KB 178ms
172ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/610164a2e172e3e4da56.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rSIavIRWFuVZsBqyM9fFVENZ8a.BC_Dt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"39c2500270806c2c6573cc21c45f1a8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OSRVrV_Os7o1LKMnlnwNcAiskiZVhPi-aYmxLiKY7ojGWqCFPJTUng==

GET
H2 200 e09d48e2409b9f29e8d0.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 181ms
175ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e09d48e2409b9f29e8d0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LJDqTh4r5eciBPyKICqmFpKWYYcO._6V
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 663
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"38eb356959ca661dfef9bc930c6e10e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: l5Y85vjlpgD0KPAhhigqxfV7-3_YuQq5CjJML47QtLTQqjPncHQCxQ==

GET
H2 200 dc486ba2afb7e58399af.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 179ms
173ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc486ba2afb7e58399af.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WGHnZsyCOP32a2ZaMdISnlqaF3dpds3a
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 521
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"f0b0f6f21faa4241c93372cd79d1d110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IR0l4N6AlDa6lLOzNfhb6q9EmpPy14fJC2zdKZPZKVDiEXA45I9cQw==

GET
H2 200 52cea44d2b38108385a3.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 186ms
180ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/52cea44d2b38108385a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vsNzVZrzsYiTnZn02tH8dhQKAQT.61hT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 6
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:25 GMT
etag: W/"eac43504cc149c975296e23b48999bda"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tIM6IPhyZ6vAxZilsVvQI-ihPnRxi2nYwedbzVSevXsq9whnxNSCFg==

GET
H2 200 0463d29e0b188837e4d7.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 258ms
253ms Other
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0463d29e0b188837e4d7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yGdQ27_mFrgcL.FhbqUACPfuAs5W8r8e
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 2
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"d4e69ca8c4c49db025c859aa9925c4cd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VeHzzG1GFJPsJyH1IQk_9dihIhubG1eSmkIxr7Lo2c82wPQrA5uFww==

GET
H2 200 d5f5e6f325231033d4cc.chunk.js Show response
dashboard.sezzle.com/customer/ 3 KB
4 KB 148ms
137ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d5f5e6f325231033d4cc.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: muR.zMwchvtRkQ9Zje6DgvEYR.r_6eFl
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"fee56067ea57ca1eb89bc5c82204636b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: BxGj6198SWddLqjqVVNzs3rGLLEBQ42dy2Y8f6hLivB1MNBFl6B_0g==

GET
H2 200 bf.html Show response
api.sezzle.com/v1/accertify/browser/beacon/bf/ Frame 44B9 6 KB
3 KB 328ms
328ms Document
text/html 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-type: text/html
date: Sun, 10 Mar 2024 22:22:17 GMT
last-modified: Wed, 15 Feb 2023 22:01:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: accept-encoding
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront)
x-amz-cf-id: DwibMkTUDh2tcESjzEpnJX48wnxbhpTOdXGU27-RP4gPN0oxqOrilQ==
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 cc.js Show response
api.sezzle.com/v1/accertify/browser/ 39 KB
18 KB 409ms
408ms Script
application/javascript 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/cc.js?sid=beee383f61fe5c6f&ts=1710109336947&namespace=advc

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

17f5953ca542e43b0f27552b028916981d1d2a56acf437968a77406dc38b7dfa

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 a8dfbcfd2b9a376324907969cf0f5cdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
x-ia-request-id: e5887a9e5dcd09197b825a80c7f1b940
x-amz-cf-id: 3RyJGadaS4SkoCo9uaT3evZdAFka_YYg_aYa_p12-pisaRcubteYcw==

POST
H2 204 et
api.sezzle.com/v1/accertify/browser/beacon/ 0
1 KB 148ms
147ms Ping
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/et?c=gLaZegefMpAvkrns_6KD2oLP8FU&t=50e892b6e2918e8081d7ebe15e94fac571cc

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Mar 2024 22:22:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com, *
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: E-ttzJRZOTr3qO5UglSXU3S5Fi_F7FD_dn_keYwTT24vxWr3FX4SfQ==
expires: 0

GET
H2 200 6ffb02663b0ab45e554e.chunk.js Show response
dashboard.sezzle.com/customer/ 62 KB
18 KB 106ms
58ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 4gwXszb3YvE1LO4dzj8Ydwi7vJttHfXU
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 8s-YkFdW4Mxvc8A3pIqJXVCVlqX8svZttuCHuJaojfoguIdthoLj6A==

GET
H2 200 09bd04621566e437c5b7.chunk.js Show response
dashboard.sezzle.com/customer/ 35 KB
11 KB 108ms
61ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Uqi0ZrF4.0hJObe.FQvWpFl6cUpuuAAd
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 642
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bdUbFS1nMe5HFfqBhcWJ-gkeef1GxtYwVhfhWa-a1gtPEmyuttOD_Q==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 109ms
62ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fCXR33jKjfygjPTdLWgIm55xAxMWiT3j
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tR-dqWIYLhPOZiUTaHrs00neP3g71_rWqaPfI_OIFjhemSdotDLFEg==

GET
H2 200 fa3ed811783641bef592.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 114ms
67ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pSUYAWsyFQy7vOj9lqzoz8Z5jtr_XKZg
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:34 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5pxi3DnFBuDeoFuRDfPIN41JPQtM8UvRy2FaGMEkFohyR4jQykhDEg==

GET
H2 200 af0aa6add0b350681528.chunk.js Show response
dashboard.sezzle.com/customer/ 82 KB
24 KB 117ms
70ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qCrNcKyeYTUpM3._XQ3izVkkC9TmBhY.
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 425
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: M83LEw2AZ5Gq6GGyuvbGAnYE1eQcVd7F3f2pM46X14KEuWSyyqzk3Q==

GET
H2 200 0c2dca37325d4db72119.chunk.js Show response
dashboard.sezzle.com/customer/ 28 KB
12 KB 110ms
64ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sSqBOWHHNr2dYZfxlIDcnR1ir7fj4MkW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: C0VYFjYGmBpAOF-NO8WKQtLH6YNdn2lLF-VFLKdPo7vv3a3XspWALw==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js Show response
dashboard.sezzle.com/customer/ 66 KB
18 KB 110ms
65ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: GQoW8m4AXqbIGI5Ohp28vpwRwpyNawRp
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 679
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TCVG4A1EgcPlBy0RNWghi8gisxWm-HHh-UmyuBeytuppdBCK6CRcbw==

GET
H2 200 14682bb3c63cae512aec.chunk.js Show response
dashboard.sezzle.com/customer/ 98 KB
25 KB 113ms
68ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: mZpishT1DDnu3RZfgJ55sqEtAUC_pw32
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:19 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HP2ExrxU84a6sS6kglyJb-A4fkJd5wsmhGgz8VXSiLyTioFza1FaPw==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
9 KB 116ms
72ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CdBZ1gky4JhOjU_j7t87D_tDaZ0mUjor
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:28 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 2QCNSgrFOnnEcpRuj0PFTC--KUoV8Qx6SyakP2o2LSai-e6Pncps5Q==

GET
H2 200 5943a84241d36f5283e3.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 118ms
74ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fAamUgThwkGHjpq3V_hcRHE5EZau12hY
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AQ4sp-gKKDWzebhRdeTdXHHa-jTZfX0cTRaGi2c8iQlHCVZl7pS72Q==

GET
H2 200 dbbca07b740328687038.chunk.js Show response
dashboard.sezzle.com/customer/ 29 KB
9 KB 119ms
75ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lbAa4yKm6.ufc1eGZ9eqwXlzr15Fnlim
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: x_A2RAeqbmEmUE9wuxdR2YJNYpp1nXrRRJ9Mh5o7pxcHqxLHp2qRtg==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
7 KB 136ms
96ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hUKJ0fAyhnwM7gn6THgaZ2YEFnqlx0T8
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:36 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:27 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zHFtDgXpbQKEAAKQv4R7YgHTe4Htwgi5OgDw2Dmqk_YOlA8CHv4CoQ==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js Show response
dashboard.sezzle.com/customer/ 15 KB
7 KB 112ms
76ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hjzwxbd1MXo8XHdTqTA6QEA1u0qEH3HW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 679
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: a0KT8JemOnjzgAf-du6iOe7EQkGCP2cklcOoMC-xOYy3eQBrCwuHDg==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js Show response
dashboard.sezzle.com/customer/ 45 KB
14 KB 116ms
81ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .d4hZ5tHJ6UuMdNn4ur5HQYayiteQBM7
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FtlaAfaymbSpzeyLLnK0GAMMAx80M3lUBHSKrSYks8pxgRAaQk7CVQ==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js Show response
dashboard.sezzle.com/customer/ 70 KB
18 KB 112ms
77ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dsQ4L9FLdOT_lihgUqLo5S8z_BGKR4EG
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 74
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -0xmy_pUSua4Bi3uCjwMooodFb_u4SJpW_-OuTUbUyGWQn7d6Lq4kg==

GET
H2 200 8811832d6a39201bc198.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
11 KB 122ms
100ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z1m5AtMoh9lzfWvMz5LWp9Sc8jvgZ9IZ
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4L-OSmHpQU3o_IOBHgOQ3TZPEPgl50ES-S0N0dPWnx2BRV9yaw3W5A==

GET
H2 200 4760ba3062e72a347205.chunk.js Show response
dashboard.sezzle.com/customer/ 83 KB
26 KB 101ms
80ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Lv6N2ro8GM6aVqGqv3IXLXFrQG.uKgM
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TdjLoCWtYJ0xs1SLQboQkLEkRNAwKJ5w7_Gy2ZxD70u6BeE3haHgng==

GET
H2 200 4264c93c1d764c35847d.chunk.js Show response
dashboard.sezzle.com/customer/ 55 KB
15 KB 105ms
83ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: KMlAtUpj.AUHB84gspDdv5Eijm8J6Mbu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uSr_fZ_b6b7GWt-HQXnKHRa8CvtVQ3gpu-6ThlU1bmWU2gVn0t54fg==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js Show response
dashboard.sezzle.com/customer/ 61 KB
17 KB 108ms
87ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sgb.CXPVarvpyJiSESHvJJRdvJRwJ.Wg
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RFTAuvG65Z-xcHn2ghyyIO5gfqijB8YA7wj31A5u3HVmGMk10qWPog==

GET
H2 200 9e95813fcc803f7dd100.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
12 KB 106ms
85ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: axx4oS5IziEij4FU7lUY6RWn20HZUFXb
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HRlUPz0WSKteeoUqpPlRnXxczM6gaaX7340winIIaUoxl6dgNDyBEQ==

GET
H2 200 9fad61294dfc4b014954.chunk.js Show response
dashboard.sezzle.com/customer/ 125 KB
26 KB 111ms
90ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dHdhSmpdrJ4mU.4GqpAXNppm3e6Q_ZVy
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ul0RB-Ldh_ZeghTN2u-zKzZ9jslSTopl3TNOfwI-7U6yHqBRoecF1g==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
4 KB 122ms
101ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: REzt7sp7H7ic6sH_cp3R6IXZySm7yfXR
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fTAipQ2efa2_SS3owv6CfvGNC6DftyijqU7Y-6dEuFK4oYAvwda6QA==

GET
H2 200 0d01b350befed2dee3f1.chunk.js Show response
dashboard.sezzle.com/customer/ 80 KB
25 KB 114ms
93ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ndg22zjDWd01FiEi5JWxll.dJCJNX1HW
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: iC8g0B1ixopgmtlubAoQ1TByUDwBejz82e6pJ1vu4groHKoKZJ7ESg==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 115ms
95ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hv1m2mQFIcXGYjHA1ZXLovDdJItBZy6Y
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 59
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uLzgaTPTzl_2mznZK--oCmrsZDr-a8PrUp7rbtk02uC34BXYjEfJsA==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
5 KB 142ms
117ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: P_DGYxG4sl9fojWqi8DdDNvME3vtSn95
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _dXljJxJWydd4gU7nIOIWOeSGmPd1zA-lKs5snxh17_-Kd2TIYtfQA==

GET
H2 200 8234e2dfceaefe948816.chunk.js Show response
dashboard.sezzle.com/customer/ 60 KB
19 KB 144ms
119ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: n5yzJ6hbsuNRv0490aAfhbT6fkzTN5Zz
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:37 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5ZKzfXFPlW8AliYol81i8D57aeG4apHxBdSCsplzLdbkZ3BhCr3-Ng==

GET
H2 200 a097f2bf8c32774866df.chunk.js Show response
dashboard.sezzle.com/customer/ 22 KB
8 KB 145ms
121ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: XNMlqqv2HxLd1xQNxm6BQ9VSNUekbuTb
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: moDiZfC_QG4Ua6QKF9Pel7fvYrA8Gq0h5QLhINZKNmiPdYmeLljZ1g==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js Show response
dashboard.sezzle.com/customer/ 54 KB
17 KB 147ms
123ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: zzJHPjP.2XQltrEtex2.8J1vPHYNSbkt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 700
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:17 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: K2-1Tr6AHqt3KfwLs9XGpx4Fbz9wO_d1elGC9S4sgp9lPz8MBeHgbA==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js Show response
dashboard.sezzle.com/customer/ 40 KB
13 KB 163ms
139ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TxWeZu1IDRqJPq8VSnPk6fMYh8W1WxM.
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: w9HZlrdjQanYmficwmKTHk7MFM4rkHYwO9bIfAo_TenSRWs1kIvQJw==

GET
H2 200 4508149fd282227b8d0f.chunk.js Show response
dashboard.sezzle.com/customer/ 14 KB
7 KB 160ms
136ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: yqWigl5EPH7D5yHErrX25JmSi0aaNSBu
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zgPafDNG8AzktqLU-UrvWaPHtiSnUMOm7niLVNMg3ZvLE9gE9i-H4g==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 149ms
126ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: l23Nci5XcM6HM9frIvkIzsWriUksfcKL
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:20 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QJpUmFg64pzQDkaabO_gM0w_fWFDBnzLLcFgnvO5-2lJh3elM7k4SA==

GET
H2 200 a98d1424cac4789c93a2.chunk.js Show response
dashboard.sezzle.com/customer/ 87 KB
29 KB 153ms
130ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QTaYy4XqBXSsdze9wNVv2aaZnkd7uNPf
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: SqZx9U5oiC6XzSX-7wWrDZbjuVNGi_oG8wciHGCnUaxloKI1h2yjAQ==

GET
H2 200 824d6f85b144437f289b.chunk.js Show response
dashboard.sezzle.com/customer/ 72 KB
18 KB 161ms
138ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8sDVpVER1fZZ_aTOan_yUe4B6XmWjsCc
content-encoding: gzip
date: Sun, 10 Mar 2024 22:17:43 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 330
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:29 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: i6DA7WEP9GRtjVrxl1XFI8_GSmpB63IlKCwzcBbKIraaqwvmtZnptw==

GET
H2 200 3c36f12b1acc880cd44d.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
8 KB 193ms
171ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3c36f12b1acc880cd44d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Gcvhf8nZLHOfTNRtaCxwfRdFyedaIWCq
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:22 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 685
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"953e37bdb81aae15964dc7cd7ef7a2a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jT285HUUzf0s8GiaYB-Zz6d0wTmVnUOSHVU4Q8dYQwDp_hB86rWiog==

GET
H2 200 14be24bccbc068111182.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
13 KB 181ms
158ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: q.tipWlI3WM1eGhEtjDIubTXB6uuMWBo
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:29 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:19 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HIGc2vkJrV1oNiSobohHBGml-wS0L7bYlHVtQ8PBbpRBBqbmCw0kcw==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js Show response
dashboard.sezzle.com/customer/ 20 KB
10 KB 165ms
143ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: irw9yqIVjnylT0PUDqHCNKtnOmWAsl6R
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 2
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: GgZ5fAf5UQ4qOdo4cqKZWY8ffdY6vpM0j34LKobQCEE8nt01QuWjyA==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
19 KB 164ms
142ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xINnls3hNhuz60zQrWobmLh6BX78yDrT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lUarvrRmiYc606_QDEgmgpPVuCSbI7-aumkBLj38fMpR4_Ws2n4fAA==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js Show response
dashboard.sezzle.com/customer/ 32 KB
14 KB 187ms
165ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: e6Qlr7knDM7mP28ztzWYhOAaKw0ed7Dw
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 500
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: C--O65QpB-kzqriJNLxIsxtZbnwKi_-XKdNCCX_LjqWf9dzaoy5TXQ==

GET
H2 200 d3e0b27b541a88b56439.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
21 KB 166ms
144ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LKije0zQpXZPDmIvCW3tiXHLaXxh8nln
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mlBn-VdzyeIRay6RkztOELbSFFBYn6vyFVXvasSYBuKbvnvS6zz7ag==

GET
H2 200 95752ac49145b73483d1.chunk.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 167ms
146ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6gPPxRgeRbhOPZxK3RMhgatj4Aeb_81c
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Q-tIVyeqG_1VljEfvig7tTVANM7K2TjdJD3rwrStS346kbNoJWI4Hw==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
6 KB 178ms
157ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vjlzF008xdu1EJpBddsXYYO_GshB4qXT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:38 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:22 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jq4KJUMDAoOsiSrLF1cKBXm2y9sgt7nNqE1MuRaPIwwlUnuLaUqhug==

GET
H2 200 4aa5798b018517a651a0.chunk.js Show response
dashboard.sezzle.com/customer/ 23 KB
10 KB 171ms
150ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9YaJm5yvOsNvd9WPiTgEhSGdYS1DnWOt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kmNWKbCfLkI01kzWmBMyHYTy3B4Xes2MRL40TRzTGohpErlgZykcdw==

GET
H2 200 3f4aba9f5964d1741939.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 168ms
147ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: IvT6rpbGaN7peaApnmZUVsYqZ8FPOYYR
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:23 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: P0qua00qcJM2MTIcUR19LIh6ym4HUxriiZ6s7ySPxJ_sv65fLu-L2Q==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 171ms
151ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QFr63Q_pyQSE_5IXarZTr1zWu7IZO3Mr
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 8Q9er2FOjfT50OrqSsMVIsX_MKm0FaBWUdLNxHtwIodCEPBeuNWELA==

GET
H2 200 4a0ba63f290972189691.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 172ms
153ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: cTkyvUdi0IlUc7RkpbDP0GHc7_aIqhro
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:24 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _cpeLK7pQIKtCXji3jIgwF8LIELW4ODr1n11X5YO940vvWZb7JzFow==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 168ms
148ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hfXSxmY6xW8dSRbjB8qsDfELUqjgjeJt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:27 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YAokrXVvjDd6wviZITfcP8bCH9NxuIPl70wpF5l4c2IduBhkeR6hvQ==

GET
H2 200 c5b620c163f3b359d753.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 171ms
152ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8vYyX3kctQoTwOG6mTiltsHAWK.B_qqI
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zSbUT6ND_RFmVyHDSM8C8rR7dNDTCoDw7mUtsUWPEqHvUEXCSXu9pQ==

GET
H2 200 b508ebff5126e8474986.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 173ms
155ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dQ1v0l.huW0QIsiO35Pif1afSI8gNYVG
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FnUwL7qwDZGRjP-30OIdCHLKYc5iN5TKsdQVbZZ3ESz9xJMZwPjKIA==

GET
H2 200 95d58c447de1b1125092.chunk.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 172ms
154ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 7tjPggk1YIW4tPNmmGuztkyjJEAnrfKl
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JP1yJ7Q6RkT7jp8nHwLGCg6_dyFlg7-IDVSAk6HSGLHMdxz0Tz6TdQ==

GET
H2 200 94376e38e631783ec8d6.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 174ms
156ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Z6D1ikKSpYrlkNO94nVDZrgxCwVGsRds
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nti26zSREC-2C_VBz7gedeKaKczd0FHpnIuO_5M1anA7vnHNyexFnw==

GET
H2 200 8e0a43f0256a3165a631.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
13 KB 185ms
167ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WgWPGJAyOZQTGcf0otnw8UlrqbtAnwLK
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 2
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:30 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: grG45-tQlrIDwKV9ac2cQN1WRLfj4cu9aNUGoQL1p0lZ0rN3oeaegQ==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 178ms
160ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: il0OtLNjO0sq4HohqZYoFZJcfwFUEk3E
content-encoding: gzip
date: Sun, 10 Mar 2024 22:11:46 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 636
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HLY1Raeb4YkdpWnQm98yrer0GL-Ai20L7puavsnijqofirzOisjYDA==

GET
H2 200 27fb5d991e982837bbb5.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 186ms
169ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: uMhvsE2XOsVRWLQVwhA5UnEeZN99iAuH
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:21 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 88eU-FaqIFotcnSqX5PNQDa40ortxVo1xGJ54iobPJ6qIlHyBxp2iw==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js Show response
dashboard.sezzle.com/customer/ 75 KB
22 KB 178ms
161ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: mLoIb_E0UDytemSC6Z8zWWcC5OkCmWpA
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 499
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0EF31KhQZVkUwSMaNVlSpylsmRzYsWJuquiyvY95UHSo1mu6lhLEGA==

GET
H2 200 610164a2e172e3e4da56.chunk.js Show response
dashboard.sezzle.com/customer/ 146 KB
41 KB 185ms
168ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/610164a2e172e3e4da56.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d17657edff9726e38ff9118fb33301cfcdfeb28b282dc16f3c5e2d61d344391c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: rSIavIRWFuVZsBqyM9fFVENZ8a.BC_Dt
content-encoding: gzip
date: Sun, 10 Mar 2024 22:08:02 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 856
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:26 GMT
etag: W/"39c2500270806c2c6573cc21c45f1a8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mrNqFr-djQ0US7ny7UV7KVD5jkPGOx7zE9XfnxR8ue9dUNAwZUlpDw==

GET
H2 200 dc486ba2afb7e58399af.chunk.js Show response
dashboard.sezzle.com/customer/ 53 KB
24 KB 181ms
164ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc486ba2afb7e58399af.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

95cc67cd8a2f55e7636d5acaaf3f8c0461144a3ca09294b124872cedd71a5510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WGHnZsyCOP32a2ZaMdISnlqaF3dpds3a
content-encoding: gzip
date: Sun, 10 Mar 2024 22:15:39 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 521
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:33 GMT
etag: W/"f0b0f6f21faa4241c93372cd79d1d110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ibcZnD74e-Noj2jCIiR0PyJN0BMevAb4puk8G38iQghzTdL_tV0ewg==

GET
H2 200 52cea44d2b38108385a3.chunk.js Show response
dashboard.sezzle.com/customer/ 30 KB
13 KB 179ms
162ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/52cea44d2b38108385a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

73a447ee558a9c9380c54cbe2f5d4de47346d5f49fa488e7fef32f85f29644d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vsNzVZrzsYiTnZn02tH8dhQKAQT.61hT
content-encoding: gzip
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 6
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:25 GMT
etag: W/"eac43504cc149c975296e23b48999bda"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: CpQOH4y1GFzKX39PYMQkJXWUmrM_TjlCIJDrR2DHhkaPPAjw1Y0xyg==

GET
H2 200 917019a0d5c385f61289.chunk.js Show response
dashboard.sezzle.com/customer/ 9 KB
6 KB 186ms
170ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/917019a0d5c385f61289.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ejqGpizJdBZdN.xTi.UJ15SG3MHCFdDB
content-encoding: gzip
date: Sun, 10 Mar 2024 22:13:10 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 679
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:31 GMT
etag: W/"d3af360547cac6e490a6051af4419e9e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gvZVsESv8sht-8MC1UKm2eHiePHUzsB68jIZ6FM_ZdYw3rYbt_ViLA==

POST
H2 200 gt Show response
api.sezzle.com/v1/accertify/browser/beacon/ Frame 44B9 39 B
1015 B 139ms
138ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/gt?c=gLaZegefMpAvkrns_6KD2oLP8FU

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca7fdafc5905d898cb783cf316f52e6141a3417f1e3283c285c3f7db8d75a0b7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:17 GMT
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 39
x-amz-cf-id: XcOP6_lYJDH14BDpWBWNveWV8-ftoxm9dJCDXIVSgfAwZjnWxoOfnw==
x-xss-protection: 1; mode=block;
expires: 0

GET
H2 200 ae9aa0023644c0c6bd7d.chunk.js Show response
dashboard.sezzle.com/customer/ 452 B
3 KB 76ms
75ms Script
application/javascript 2600:9000:247b:ee00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ae9aa0023644c0c6bd7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27e625c41aeff55daf35.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:247b:ee00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _0tLh0ORNWieO1V0F0jwjXfcd2gdTDBg
content-encoding: gzip
date: Sun, 10 Mar 2024 22:21:30 GMT
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
age: 145
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Thu, 07 Mar 2024 22:40:32 GMT
etag: W/"51d3d543819542bc182233d9d721c530"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sMpaO7gsYo8HbUMSMTxM0JTYCFGah6N15VPrWkqKXSYDgrIC-3b1zA==

GET
H2 200 Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 6 KB
3 KB 70ms
70ms Image
image/svg+xml 2600:9000:210b:1800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:14:13 GMT
content-encoding: gzip
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 50885
x-cache: Hit from cloudfront
last-modified: Tue, 11 Feb 2020 17:10:33 GMT
server
etag: W/"0fb7c8e946de60d298e697e3143a598e"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: -CN1V-iDrX_xBWkKyOW2Oe3Tbz8U-a3eCEYq7p4NqkCauWow8En-6Q==

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 2756ms
365ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=f639fc23-0a84-4f5d-b7dd-28ede0674812&SessionId=3261ca28-76c9-4628-9b51-c47145f7567b&PageId=390b8706-e7b3-4798-8021-60cdf252dfae&Seq=1&ClientTime=1710109337672&PageStart=1710109336473&PrevBundleTime=0&LastActivity=529&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 86445c664278bada45088b14e15b524c4bccd4c9cf5cfe5331ea14f955f41893

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Sun, 10 Mar 2024 22:22:20 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 140ms
138ms Preflight 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Sun, 10 Mar 2024 22:22:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 152ms
152ms XHR
text/plain 44.230.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.230.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-34-124.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 238 B
1 KB 434ms
116ms XHR
application/json 44.239.107.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.107.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-107-15.us-west-2.compute.amazonaws.com

Software

Resource Hash

c9eff10973ddbb2bb7f6777cb55116f85c0596ad6867da1432d00b0ed20b6a4e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-length: 238
x-xss-protection: 1; mode=block;

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 461E 0
0 291ms
289ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfHHynfrnoSbx9nT5tNAfrGPJLkAu0k8UbpivBebs5LG45XKo8yVCQBIgXju309Q3E6McD661959H%2F3wEcaSEdfTcilGePbPuBll1aUtB7qPbIgY5iOzfzTHBCxAwKY%2Fl%2F0Vuw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8626b3e4fe38a216-YYZ
content-length: 0
x-request-id: 8626b3e4fe38a216-YYZ

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 129ms
122ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8626b3e41c6ba216-YYZ
date: Sun, 10 Mar 2024 22:22:18 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE%2FzQgWt429jJUUPTM0DsXzng%2B2EjCcm48KRxSydl9OMaeBjY4vrfVX%2BnuS1C26DhJwXpf6qjUYZum%2BhqSXZ%2B3tX4snavRnc1Uwu1iFo7SBwt65xhlZZCMuU7NQdwFA3WZQ%2FIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8626b3e41c6ba216-YYZ
x-zendesk-zorg: yes

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 63ms
59ms Script
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82d77d914cd24d84efd4af83ca9e84f4d29919520f44991b7e79f00e438a549e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 22:22:18 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 490 KB
195 KB 179ms
64ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 19:31:31 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DBA6 45 KB
28 KB 101ms
101ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=QquE1_MNjnFHgZF4HPsEcf_2&theme=light&size=invisible&badge=bottomleft&cb=pbh3wiuj1ocf

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9cdbf611eff45ebb39aa14ee1da23eacaf1c665f1ef69110dbe35d68cbaa54a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fC7q_5hfpOsNLqv5N2yh6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fC7q_5hfpOsNLqv5N2yh6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 22:22:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 US.svg
media.sezzle.com/style-guide/flags/4x3/ 4 KB
1 KB 71ms
70ms Image
image/svg+xml 2600:9000:210b:1800:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/style-guide/flags/4x3/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1800:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 05:12:38 GMT
content-encoding: gzip
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 61781
x-cache: Hit from cloudfront
last-modified: Mon, 25 Oct 2021 18:50:36 GMT
server
etag: W/"ae65659236a7e348402799477237e6fa"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: _9V3KtqEvj2sCHUprPvXykQyTnJLld_k3tYx2I57XFncidUlY1Z3jA==

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pro-fa-duotone-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 10 KB
10 KB 130ms
128ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-duotone-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
age: 7434217
etag: "6568cc19-2964"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8626b3e7cbbf8c7d-EWR
content-length: 10596

GET
H3 200 Satoshi-Medium.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 124ms
124ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8936983
alt-svc: h3=":443"; ma=86400
content-length: 31024
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "7930-5e44d059ed553"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06vfBTXuE9L4TucOrTW%2FagFVoqehU1zin12X15P9dNExbviCfds%2FBtx9ytVDeUH7P04w%2BDYN3VXoglmAKUSjZV6HEzs1lkp%2BH6Po90eOMo3B2tvO%2BSbbjEsza%2Fi8o%2FJ%2Fe5SRg4P9p0G4wg7LmxlAl2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8626b3e7cbe7c332-EWR

GET
H3 200 Satoshi-Bold.woff
fonts.cdnfonts.com/s/85546/ 30 KB
30 KB 248ms
247ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6517261
alt-svc: h3=":443"; ma=86400
content-length: 30668
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "77cc-5e44d05a5a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7my%2BYdpZHGKglNjc583KCaD0dCD0GfI7Vyh8p3Ynq%2FW5q%2BA2%2BPCtzrS02FpC3bEg467zck82j7KtMGSaYJRrnkZROz%2B8rTtII4Nr8G1jNGRS7kzkgJf3mR5BLrTR3kBzAtqYpZJlq7GBA3awAhijijc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8626b3e7cbe8c332-EWR

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame DBA6 55 KB
24 KB 211ms
69ms Stylesheet
text/css 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=QquE1_MNjnFHgZF4HPsEcf_2&theme=light&size=invisible&badge=bottomleft&cb=pbh3wiuj1ocf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 21:36:37 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame DBA6 490 KB
194 KB 240ms
98ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 19:31:31 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame DBA6 17 KB
7 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=QquE1_MNjnFHgZF4HPsEcf_2&theme=light&size=invisible&badge=bottomleft&cb=pbh3wiuj1ocf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 21:41:19 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DBA6 2 KB
2 KB 68ms
67ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:14:11 GMT
x-content-type-options: nosniff
age: 173288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Mar 2024 22:14:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBA6 15 KB
15 KB 211ms
78ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:56:40 GMT
x-content-type-options: nosniff
age: 393939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:56:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBA6 15 KB
16 KB 197ms
64ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:09:27 GMT
x-content-type-options: nosniff
age: 393172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:09:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DBA6 102 B
135 B 78ms
77ms Other
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=QquE1_MNjnFHgZF4HPsEcf_2&theme=light&size=invisible&badge=bottomleft&cb=pbh3wiuj1ocf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 22:22:19 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 861A 7 KB
1 KB 85ms
84ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

483cfb7176c0ca56d598ea37bd0b28fe2598817391a7c6a109eb23eebee8b766

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M5GQCkh3OoPqmqGf_c5y1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-M5GQCkh3OoPqmqGf_c5y1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 22:22:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 861A 55 KB
24 KB 66ms
66ms Stylesheet
text/css 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 21:36:37 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 861A 490 KB
194 KB 70ms
70ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 19:31:31 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 861A 21 KB
16 KB 103ms
102ms XHR
application/json 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a2350d412c84e2a55d129fc9e84517763569d59ffb69b5192f4c11b733e0c7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 10 Mar 2024 22:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 22:22:20 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 861A 600 B
624 B 64ms
63ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:12:45 GMT
x-content-type-options: nosniff
age: 392975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 13 Mar 2024 09:12:45 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 861A 530 B
554 B 66ms
64ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:56:55 GMT
x-content-type-options: nosniff
age: 393925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 13 Mar 2024 08:56:55 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 861A 665 B
689 B 65ms
64ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:14:14 GMT
x-content-type-options: nosniff
age: 173286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Mar 2024 22:14:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 861A 15 KB
15 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:56:40 GMT
x-content-type-options: nosniff
age: 393940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:56:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 861A 15 KB
15 KB 91ms
90ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:52:14 GMT
x-content-type-options: nosniff
age: 394206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:52:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 861A 15 KB
15 KB 78ms
77ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:09:27 GMT
x-content-type-options: nosniff
age: 393173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:09:27 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 861A 17 KB
7 KB 61ms
61ms Script
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 21:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 21:41:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 861A 54 KB
54 KB 83ms
82ms Image
image/jpeg 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7okqvYSSB0t3xFxxorusoYMB9jq8qIiBieThNCs8-qEn81U3l5BEYYpXeRNmHQVqm0FEs2-9J-pPcTIVZcRNis4neHXfm0Y3_Dw9ZUwWNq8YW_9Vi2zLHLKOLSHXqaTFIUCiK9ryGGxS1SxIsPBG-T1iyyFjd2BpzlWEvHaNTS9ulMr428aGVy0T301xRuxnse2MMf157QdhLt6ld8Z173UQ0dQw&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73d91bb30f494a81af82a33a87342a24d41279b23aa6cd777026b29d55044723

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:22:20 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 22:22:20 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 86ms
85ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je4360v886187776za220&_p=1710109334940&gcd=13l3l3l3l1&npa=0&dma=0&cid=658592009.1710109336&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&sid=1710109335&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&dt=Sezzle%20Customer%20Dashboard&_s=4&tfd=7078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 152ms
92ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=f639fc23-0a84-4f5d-b7dd-28ede0674812&SessionId=3261ca28-76c9-4628-9b51-c47145f7567b&PageId=390b8706-e7b3-4798-8021-60cdf252dfae&Seq=2&ClientTime=1710109341512&PageStart=1710109336473&PrevBundleTime=1710109337790&LastActivity=4390&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: bf335c5bf53c817603109d967c1b3aa3aa824170780fb775cd720c10c9806817

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Sun, 10 Mar 2024 22:22:21 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 86ms
85ms Ping
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je4360v874508995za220&_p=1710109334940&gcd=13l3l3l3l1&npa=0&dma=0&_fid=cylyn2J86XzoT8PlY7koSP&cid=658592009.1710109336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1710109336&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Fpremium%2Fsignup&dt=Sezzle%20Customer%20Dashboard&en=web_dsh_refresh_token_login_failure&_ee=1&ep.origin=firebase&ep.metrics=%5Bobject%20Object%5D&ep.szl_trk_ver=v1&ep.locale=en-US&_et=323&tfd=7918
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:21:01	Name: _GRECAPTCHA Value: 09AI0kreJiuKr5X86jdL1Ih-XCMzBWyopTwKUHPTbTQQ9kpDjDL9nSdLYlkLOemwMdMaUvKFuSd0CK6w4JZBrSFU4
.sezzle.com/	1970-01-21 04:37:49	Name: trk_id Value: 6cc9f04d-3541-4e3e-b957-bec7d4469589
.dashboard.sezzle.com/	1970-01-21 03:47:25	Name: szl_wpe_sid_lt Value: 7b08719e-bd75-4077-bb89-ef8520ca243a
.dashboard.sezzle.com/	1970-01-20 19:03:15	Name: szl_wpe_fs_rand Value: 0.5000323342287263
.sezzle.com/	1970-01-20 21:11:25	Name: _gcl_au Value: 1.1.1321104504.1710109336
.sezzle.com/	1970-01-20 19:03:15	Name: _gid Value: GA1.2.1087687399.1710109336
.sezzle.com/	1970-01-20 19:01:49	Name: _gat_UA-72079130-32 Value: 1
.sezzle.com/	1970-01-20 19:01:55	Name: szl_wpe_sid Value: 5c9244ea-dab3-493d-87d2-28bd6dcea312
.sezzle.com/	1970-01-21 04:37:49	Name: _ga Value: GA1.1.658592009.1710109336
.sezzle.com/	1970-01-20 19:01:51	Name: fs_lua Value: 1.1710109336470
.sezzle.com/	1970-01-21 03:47:25	Name: fs_uid Value: #13FHV#f639fc23-0a84-4f5d-b7dd-28ede0674812:3261ca28-76c9-4628-9b51-c47145f7567b:1710109336470::1#/1741645335
.sezzle.com/	1970-01-21 04:37:49	Name: _ga_FB5QYFCQBC Value: GS1.1.1710109336.1.0.1710109336.0.0.0
.sezzle.com/	1969-12-31 23:59:59	Name: IR_gbd Value: sezzle.com
.sezzle.com/	1969-12-31 23:59:59	Name: IR_22203 Value: 1710109335247%7C0%7C1710109335247%7C%7C
api.sezzle.com/	1970-01-20 23:21:01	Name: _cc-x Value: NWYzZmFkZDgtNTg5Yi00ODQ0LTg2MDQtN2MzYmVhNzk5ZDk2OjE3MTAxMDkzMzcyODY
.dashboard.sezzle.com/	1970-01-20 19:01:49	Name: _szl_login_success_url Value: /premium/signup
.sezzle.com/	1970-01-21 04:37:49	Name: _ga_1MJLY6RLKW Value: GS1.1.1710109335.1.1.1710109338.57.0.0

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashboard.sezzle.com/customer/premium/signup Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/90098e8a2959c4750940.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/90098e8a2959c4750940.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=730003d5284375b0d7d2aaf5269e91387f5ca407 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v5/shopper/auth/status Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://api.sezzle.com/v1/accertify/browser/client(Line 4) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js(Line 385) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js(Line 385) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js(Line 351) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.sezzle.com
apps.rokt.com
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.cdnfonts.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
media.sezzle.com
o215203.ingest.sentry.io
rs.fullstory.com
sezzle.page.link
sezzle.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
utt.impactcdn.com
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.53.111
104.18.72.113
2600:1400:9000::6875:b609
2600:1400:9000::6875:b613
2600:9000:210b:1800:1a:9a9d:1e00:93a1
2600:9000:247b:ee00:5:2c64:75c0:93a1
2606:4700:4400::ac40:93bc
2606:4700:e0::ac40:6206
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200a
34.120.195.249
35.186.194.58
35.186.249.72
35.201.112.186
44.230.34.124
44.239.107.15
02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710
06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708
07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5
0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478
0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16
0e989d9c399122f4e4bf56f0a8c88e7c45f047862e13afd4cdcefca1fb8724e1
10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7
12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97
1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1
13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f
153945655b486708fcf13729d31820124bd4fb214487bb98da04432fe5e3b079
17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615
17f5953ca542e43b0f27552b028916981d1d2a56acf437968a77406dc38b7dfa
18b96032cd18a7d4ecc4348fb86be57facbb7592538bf9206422be61381de717
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82
1ca5ea647188d6456824815a451fae306cbfec45e84c532f58e88c21c5bb995e
1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326
2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3
2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44
27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf
28daabfb2b1cb44d1f8d5d041c1991d8e7dcd0e6d9e62168208697c07702eef6
28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20
2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f
30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3
323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c
331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508
3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639
3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60
473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11
483cfb7176c0ca56d598ea37bd0b28fe2598817391a7c6a109eb23eebee8b766
49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461
4a5b21f4bf351eea6b543452f15a404a7384c5c22e06f6e12c34e8a3fdad9d93
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
4f157a7788c03897b10064583814310a2acf37200f60befb4e7ab0908e93b79c
513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e
522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c
5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee
58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8
5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7
64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f
68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727
69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b
6a2350d412c84e2a55d129fc9e84517763569d59ffb69b5192f4c11b733e0c7c
6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e
6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313
70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71
712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0
717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4
71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb
728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd
73a447ee558a9c9380c54cbe2f5d4de47346d5f49fa488e7fef32f85f29644d2
73d91bb30f494a81af82a33a87342a24d41279b23aa6cd777026b29d55044723
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984
79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994
7b5546c73d7cd484294273bc334adda11daeabe5dc967d87b2039b8af05731bd
7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed
80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e
80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418
8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192
82d77d914cd24d84efd4af83ca9e84f4d29919520f44991b7e79f00e438a549e
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
85d890c235b069cc3ba2c5b1ce6380bf44592b7b3deec601ad63736b9c8ec2ac
86445c664278bada45088b14e15b524c4bccd4c9cf5cfe5331ea14f955f41893
8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92
87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61
88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52
896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2
8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc
943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061
95cc67cd8a2f55e7636d5acaaf3f8c0461144a3ca09294b124872cedd71a5510
96987d15cdaed054d226578136f46cd4e6f2c0fe70f360a77ebc1821c4b796a2
96df0c35194186cd4ceb8fe22d1722c0462dacf15bb696e6da966adf323bc82f
99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f
9f717ecd303b82236a919f9a03dbc37e33eb1eafa4aaf754fd86ef5a0f390602
a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551
a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481
a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c
a5033354da27c609baad2938d42e8198de11cbe83dd666c5997343833f9bc005
a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9
a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c
aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1
ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421
b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae
b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b
b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac
b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11
ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6
bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6
bf335c5bf53c817603109d967c1b3aa3aa824170780fb775cd720c10c9806817
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c18300e829b138b1cea8ad083f046079328012033c0e44f4c650d079376d6a56
c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9
c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7
c9eff10973ddbb2bb7f6777cb55116f85c0596ad6867da1432d00b0ed20b6a4e
ca7fdafc5905d898cb783cf316f52e6141a3417f1e3283c285c3f7db8d75a0b7
cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6
cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a
d17657edff9726e38ff9118fb33301cfcdfeb28b282dc16f3c5e2d61d344391c
d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134
d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9
d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301
dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778
e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383
e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae
e57d0033b27eed4e25bd8572e25c1352550942e8e455f3aa3eb88c63b1ae0048
e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752
e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3
e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043
e9cdbf611eff45ebb39aa14ee1da23eacaf1c665f1ef69110dbe35d68cbaa54a
ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3
eb7bda1521ce7727b7ff2ebf50b0b2d8ab48340e13c5be92a8460c4ccd63e317
ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772
ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef896e0ef17ff7f7d86cd8cd472546a37cd78f9e6f1a18b8f219405f27cb10ea
f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce
f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22
f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9
f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd
f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c
f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475
f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c
fc215cf0c2fe0d7147a1dc3f2efd0a0cf0d1814191d3b6cfe8a67a0eb6c9b2a2
fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

dashboard.sezzle.com Open in urlscan Pro 2600:9000:247b:ee00:5:2c64:75c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

265 Requests

100 %HTTPS

67 %IPv6

17 Domains

26 Subdomains

24 IPs

2 Countries

4434 kBTransfer

10337 kBSize

17 Cookies

4 Outgoing links

Page URL History

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.sezzle.com Open in urlscan Pro
2600:9000:247b:ee00:5:2c64:75c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

26
Subdomains

24
IPs

2
Countries

4434 kB
Transfer

10337 kB
Size

17
Cookies

265 HTTP transactions
1 data transactions