urlscan.io logo urlscan.io
SecurityTrails logo

dashboard.sezzle.com Open in urlscan Pro
13.32.143.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://dashboard.sezzle.com/customer
Submission: On September 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 23 domains to perform 105 HTTP transactions. The main IP is 13.32.143.100, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 28th 2019. Valid for: 2 years.
This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 13.32.143.100 16509 (AMAZON-02)
2 13.32.143.17 16509 (AMAZON-02)
6 104.18.23.52 13335 (CLOUDFLAR...)
1 184.25.50.11 20940 (AKAMAI-ASN1)
9 104.18.70.113 13335 (CLOUDFLAR...)
1 64.233.167.95 15169 (GOOGLE)
13 74.125.71.97 15169 (GOOGLE)
1 23.37.33.211 16625 (AKAMAI-AS)
13 34.214.152.176 16509 (AMAZON-02)
1 34.120.195.249 15169 (GOOGLE)
1 108.177.15.94 15169 (GOOGLE)
3 157.240.20.19 32934 (FACEBOOK)
8 173.194.76.113 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
1 2.20.201.9 16625 (AKAMAI-AS)
2 64.233.184.95 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
4 104.16.53.111 13335 (CLOUDFLAR...)
1 142.251.5.157 15169 (GOOGLE)
1 142.250.110.106 15169 (GOOGLE)
4 157.240.20.35 32934 (FACEBOOK)
2 35.201.112.186 15169 (GOOGLE)
3 35.186.194.58 15169 (GOOGLE)
1 35.162.27.45 16509 (AMAZON-02)
1 185.199.111.153 54113 (FASTLY)
105 26
20    13.32.143.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-143-100.hel50.r.cloudfront.net
dashboard.sezzle.com
2    13.32.143.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-143-17.hel50.r.cloudfront.net
media.sezzle.com
6    104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    184.25.50.11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-11.deploy.static.akamaitechnologies.com
use.typekit.net
9    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    64.233.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f95.1e100.net
fonts.googleapis.com
13    74.125.71.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f97.1e100.net
www.googletagmanager.com
1    23.37.33.211 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com
p.typekit.net
13    34.214.152.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-152-176.us-west-2.compute.amazonaws.com
api.sezzle.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o215203.ingest.sentry.io
1    108.177.15.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f94.1e100.net
fonts.gstatic.com
3    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
8    173.194.76.113 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f113.1e100.net
www.google-analytics.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2.20.201.9 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-201-9.deploy.static.akamaitechnologies.com
snap.licdn.com
2    64.233.184.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f95.1e100.net
firebaseinstallations.googleapis.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
sezzle.zendesk.com
1    142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.110.106 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f106.1e100.net
www.google.com
4    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    35.162.27.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-27-45.us-west-2.compute.amazonaws.com
geoip.sezzle.com
1    185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
lipis.github.io
Domain Requested by
20 dashboard.sezzle.com dashboard.sezzle.com
13 api.sezzle.com dashboard.sezzle.com
13 www.googletagmanager.com dashboard.sezzle.com
www.googletagmanager.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
dashboard.sezzle.com
8 static.zdassets.com dashboard.sezzle.com
static.zdassets.com
5 ka-p.fontawesome.com kit.fontawesome.com
4 www.facebook.com
4 sezzle.zendesk.com dashboard.sezzle.com
static.zdassets.com
3 rs.fullstory.com dashboard.sezzle.com
3 connect.facebook.net dashboard.sezzle.com
connect.facebook.net
2 edge.fullstory.com dashboard.sezzle.com
edge.fullstory.com
2 firebaseinstallations.googleapis.com dashboard.sezzle.com
2 media.sezzle.com dashboard.sezzle.com
1 lipis.github.io
1 geoip.sezzle.com dashboard.sezzle.com
1 www.google.com
1 stats.g.doubleclick.net dashboard.sezzle.com
1 analytics.twitter.com static.ads-twitter.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 ekr.zdassets.com dashboard.sezzle.com
1 fonts.gstatic.com fonts.googleapis.com
1 o215203.ingest.sentry.io dashboard.sezzle.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com media.sezzle.com
1 use.typekit.net dashboard.sezzle.com
1 kit.fontawesome.com dashboard.sezzle.com
0 www.google.de Failed
0 px.ads.linkedin.com Failed
0 t.co Failed
0 bat.bing.com Failed www.googletagmanager.com
105 31

This site contains links to these domains. Also see Links.

Domain
sezzle.com
Subject Issuer Validity Valid
sezzle.com
Sectigo RSA Extended Validation Secure Server CA		 2019-10-28 -
2021-10-27		 2 years crt.sh
media.sezzle.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
api.sezzle.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.ingest.sentry.io
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-21 -
2021-09-19		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
sezzle.zendesk.com
Cloudflare Inc ECC CA-3		 2021-07-30 -
2022-07-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.fullstory.com
R3		 2021-07-27 -
2021-10-25		 3 months crt.sh
geoip.sezzle.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://dashboard.sezzle.com/customer
Frame ID: C6D9639C60455934AA4723BD24E94327
Requests: 89 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Frame ID: 6AE0B37DF14D67DF25006DE62175C8CE
Requests: 10 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: F45AA794CF1E5C1D151DA975F953630F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sezzle Dashboard: Log in

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

105
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

31
Subdomains

26
IPs

4
Countries

2405 kB
Transfer

8352 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request customer
dashboard.sezzle.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
9826c009e36fe0da5e92e5b2c8ec5d924a62d7a0908afb22ae775930c6f4c941
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dashboard.sezzle.com
:scheme
https
:path
/customer
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Thu, 09 Sep 2021 15:57:14 GMT
x-amz-version-id
4FkVILTG.IfqACCpt6nhpurN.MoMZ1vA
server
strict-transport-security
max-age=15724800; includeSubDomains;
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin
content-encoding
gzip
date
Fri, 10 Sep 2021 20:09:11 GMT
etag
W/"41b088f39b1241f4e484bf1f8f411b42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
0rhcw1JkvYEwXrU_geLP9e1IZgYQkeUGnCb44xkoCJ1p1uErJ3iXbQ==
age
354
sezzle-global-4.1.4.css
media.sezzle.com/style-guide/css/ 		129 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.sezzle.com/style-guide/css/sezzle-global-4.1.4.css
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-17.hel50.r.cloudfront.net
Software
/
Resource Hash
8d29352d4d1c803fd2f2d13512a76ceca4c092188a237d54fa42066baf0db4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:03:41 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 21:57:13 GMT
server
age
685
etag
W/"57c7e593afbb55ce21ce218026a9bba3"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Hit from cloudfront
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
HoVt3wzam7f8rRz1lii4costgfebanB8jCSkB5EYz7LgNX6NtEWcyw==
via
1.1 43235ad12d781e3fd6dab94bb2a51ca0.cloudfront.net (CloudFront)
32f48e933a.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/32f48e933a.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64334d7cb5554ade320e458be83b6093f963bdc54496724c6caa4f58066398e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
68cb53890afa2193-DUS
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FnSVPi9zMgUW62LDt_pB
dji1nuv.css
use.typekit.net/ 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/dji1nuv.css
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.50.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-50-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0515aace0267a9f51d900b1dd3d7857da6aca764f09fd5323a16aadb1e7b0cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 10 Sep 2021 20:15:05 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
585
snippet.js
static.zdassets.com/ekr/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-request-id
03K7JNBYDXHMPMAJ
x-amz-id-2
iqWg6mz+Fe46jMBA36AoYldWZ4iUi9H1MQeyPgujHAGl8MvC21L9Gq7aGALqmFXxbS93eSZS200=
last-modified
Wed, 09 Jun 2021 00:08:59 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUH%2FJEkuN%2FobCG%2F0pF%2BXXFuquXgxfIzs7rAt30460Cf8TUL%2FlMfkPJQ7HtRWMVByuT7aif7g6BuxY1QLMXr%2BOvSNElagWeF4IcwFGMailAGAmr0C7vu52noBRmbdIFdDFuysN%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray
68cb538a7af7218d-DUS
runtime.d4b4bc1df28339ce0b44.js
dashboard.sezzle.com/customer/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
118074c0ce3ae7f35c22ec90abc477b85a24ab9896bc7ae07c8ec983d4d865dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/runtime.d4b4bc1df28339ce0b44.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"385177492eef1bd347d3dc567076b18e"
vary
Accept-Encoding
x-amz-version-id
K1uMz7uZzv0K_y1syf4Ozaw.L9vB7ZuM
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
bPQ_wm0ri4fUnPQlz-brWDz6ZwC9cDelsWkf-DdgkPj_U8wYHPs4QA==
npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
dashboard.sezzle.com/customer/ 		1 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
6876f84f6ecdb4e9abc8810f8c6fd73c122d0038bb8902ae8eb8f9332a41563b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.sezzle.a7b0fd8bfdca93f72bce.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"f27a9ac6032bb5b7577b63063faf36f1"
vary
Accept-Encoding
x-amz-version-id
z7MlrRHKKEndZyPJzRj2usmqiJ2dPs8M
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
P0orl-orrtp5yKDDfvYutzC7r3SfZVWI9MnfxSLJwRoCdPZjb4zqGg==
npm.core-js.a52e62a5942074d5fc95.chunk.js
dashboard.sezzle.com/customer/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.core-js.a52e62a5942074d5fc95.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
ce3d5a8e199cd958fd8087f01e01bd9250a869c3ff266876f91545d140062d24
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.core-js.a52e62a5942074d5fc95.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"c194597373f3a6d67306806cc261e820"
vary
Accept-Encoding
x-amz-version-id
h3ZRYxn6R7BuW.gsuss3MgpWu_1ptliH
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
JtIm3jgwm1EqQzgni33R6Zp7KwrtVSjSFnSlCHtOf81FrkyLTAT6Gg==
npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
dashboard.sezzle.com/customer/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
10bc36e1d6b50fa50af3b48d4a3a2bae345733d592b9d5c9b39b5e9977135619
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.lodash.a5f6e9f0260f4cdb65f4.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"14010095219f2dfd940102bef8668d66"
vary
Accept-Encoding
x-amz-version-id
mSM8IGb5gGHEiHOjL8_60cLRh71gYNzb
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
OSpr2qrFK7wE24rcw8df8o52N2YumBIlxJS3ySOIZib7ii00ePwPxw==
npm.moment.79622b2b561b3a533547.chunk.js
dashboard.sezzle.com/customer/ 		362 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.moment.79622b2b561b3a533547.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
cbb6429c652e5da628b9ebcc4ed35d8b104d1b9696496d924fa661c139fe49dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.moment.79622b2b561b3a533547.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"a5498a67152955fcfc32c0ba08a199b0"
vary
Accept-Encoding
x-amz-version-id
TcPyBGz38QTUcWv6n.DXLOO9Mqqy7.77
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
m52cN3JcjE0aWbnq09rnTTR1C8nXj3n9Tq9kE95yB9tJVbl1MQ-HYA==
npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
dashboard.sezzle.com/customer/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
89c3d0be5853811eb7a54321b76b0b0eff3d0887afd80b9f6ad9e2efe1caaac1
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-app-polyfill.94928d3cb36a50aed35c.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"1e2ad970abc1df22b9a7b5ac0d2c1156"
vary
Accept-Encoding
x-amz-version-id
kBtcmnxL46p6pqUAvogL5tuNIG7GT0rE
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
tpFVHgl1O65qVRNWMbtRh-iH6h0ROpNn3QD-NBiihO-8qk5f2E4NBQ==
npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
dashboard.sezzle.com/customer/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
1d660ee1823483918997ffb5b64e9a085e47657fab4eb92810eafa3e02ed2ef3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.redux-form.412cc969a9d0e1ee50aa.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2177
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"a0ffb9ebcf2eedf7a0402ffda22824b3"
vary
Accept-Encoding
x-amz-version-id
CJYqNuG92cJxOU.Z_Vc1PyADCLTUWWvl
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
kRNtDOkBuMOxs7es6Q3uDxkPkVLHNL6kV8yhSTtDONelBJAqdMm37w==
npm.sentry.6184fbf63f9871b2ca5a.chunk.js
dashboard.sezzle.com/customer/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
6eb2c4435e417790d5649480d79dce0b5d6c5c1d4cd818eef4f7595bfdf44a4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"77eb992dc2bbec03a7159c50c98f4d4e"
vary
Accept-Encoding
x-amz-version-id
5K6hHxzW7sLEEXXtjOrk5dUPzf9W30dy
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
kRNtmHLXack1WhFBKTJuQSBvnqW7LLusssS6FKikeUV_hUZrPEy8fA==
npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
dashboard.sezzle.com/customer/ 		168 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
96a83ae255efeca137c915b8073be91f113ccb1f80d439fea668bddcd8186c28
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.libphonenumber-js.f7850bbdb324c64ae6d5.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"59a690952fc86016f8ce063309b28600"
vary
Accept-Encoding
x-amz-version-id
UJ3S6yYFpSHJEIsQMNYbT.owR4E.HFiM
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
xEF0mS_balO7R8ghEmpY2nTlX8PJOOH2CnOe08rseNrkADsRrvpfoQ==
npm.babel.2587337bda34560d7d55.chunk.js
dashboard.sezzle.com/customer/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.babel.2587337bda34560d7d55.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
4022a59538c4929ffc401db99b7b3cf9f54915c033374c0590a8692bfd1b6d23
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.babel.2587337bda34560d7d55.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"ee7222e6364f009d2d18cc732367db03"
vary
Accept-Encoding
x-amz-version-id
xHPXZSkgrmIBOvwepG.nq_AYu.Dl47qL
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
XMojhw-gzJmuubHPEaXZbBRSZj3gQUqFmfbtMVSn1JzwqzxRoyNovg==
main.d4a83d317b33e4f74b46.chunk.js
dashboard.sezzle.com/customer/ 		2 MB
532 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
63434d17aa8f991199611e64bfc195a53a5e1b0b3f2201d47ceefe6cb88cb398
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/main.d4a83d317b33e4f74b46.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:07 GMT
server
etag
W/"ddc95987fa3960b1051a5163180e3d8d"
vary
Accept-Encoding
x-amz-version-id
Zl6_XqPX5jgl42yuITqSbkYylmDHhhoP
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
BFy96H_g0GI41O-dHiyhtQ_Fv0Jm4CgTq6MhMHFXnReEOYaOTcQrLw==
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap
Requested by
Host: media.sezzle.com
URL: https://media.sezzle.com/style-guide/css/sezzle-global-4.1.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f95.1e100.net
Software
ESF /
Resource Hash
327aaea46813b16c7434f262477933a26ae9a2331278e75b08f7822477adec14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://media.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:15:05 GMT
server
ESF
date
Fri, 10 Sep 2021 20:15:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 20:15:05 GMT
gtm.js
www.googletagmanager.com/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
519977f074ef03ceacc4775394cac77b22b70fe64d4ba3eea4efc6a1f8967de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63165
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:15:05 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=dji1nuv&ht=tk&f=22797&a=84259179&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dji1nuv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
last-modified
Wed, 02 Sep 2020 03:58:45 GMT
server
nginx
etag
"5f4f1875-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
pro.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		312 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
age
214476
etag
"6051683e-d23c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb538b3d6421c3-DUS
content-length
53820
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro-v4-shims.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
age
9528181
etag
"6051683d-106a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb538b3d6521c3-DUS
content-length
4202
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.3/css/ 		27 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/css/pro-v4-font-face.min.css?token=32f48e933a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e2037b36515615d60ab5bb486646219d9a2509df36f31a11c9b94ec6f4bd5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
age
9528181
etag
"6051683d-a08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb538b3d6621c3-DUS
content-length
2568
create-session
api.sezzle.com/v1/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-session
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-sezzleinc-client
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
supported-countries
api.sezzle.com/v3/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/users/supported-countries
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
524c522dfd49567bee5f3f2fcda8554c25ae3f608dac590f90e3eea6c89bd99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35192
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:15:05 GMT
version
api.sezzle.com/v3/metrics/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=cd9b5eceb42083c5824d8cbc8d2ab823826d3b91
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
107.894d27e2b3f29c74e6ff.chunk.js
dashboard.sezzle.com/customer/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/107.894d27e2b3f29c74e6ff.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295
:path
/customer/107.894d27e2b3f29c74e6ff.chunk.js
pragma
no-cache
purpose
prefetch
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2148
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"2a5afc8fbd8cc64f99066c7750205856"
vary
Accept-Encoding
x-amz-version-id
7aXeJbCiZNZieokUkjFDIJ.xnqu4o0P8
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
9BLETUEsruhCwUGOv_j7NkGQLlH8qzmWifK9hxtnM36uipWlq7zQ-g==
create-session
api.sezzle.com/v1/event/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-session
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Client
web_customer_dashboard
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
/
o215203.ingest.sentry.io/api/1367589/envelope/ 		2 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
supported-countries
api.sezzle.com/v3/users/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v3/users/supported-countries
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
null
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
484
x-xss-protection
1; mode=block;
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v30/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v30/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f94.1e100.net
Software
sffe /
Resource Hash
6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 18:04:42 GMT
x-content-type-options
nosniff
age
180623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35116
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:48:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 18:04:42 GMT
f5e28690-e3b9-4eab-8d64-51d4051e7e96
ekr.zdassets.com/compose/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31de84a80c73bb3e6f58fd412817759440f8d54192fb95c4011dce9a1619a95
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
e34f85f8-7560-4018-8285-caa51268880f
x-runtime
0.002723
server
cloudflare
etag
W/"a31de84a80c73bb3e6f58fd412817759"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z86yHsNn2ZBDWe6uNfQuK2v3Pm8W14pqaPjXjFKbaKTnY0s0X0fis3Q1s5RqAdDQh0OeZxb4q2wyX90wlHdLOLrrlCWxW%2BnTUgHM07djsRg5oO6UhZYDTAtPxoD4U7EBVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
68cb538d7c692187-DUS
auth-status
api.sezzle.com/v4/users/ 		24 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v4/users/auth-status
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
852543af-5407-4374-af36-1cdd10f09436
Content-Type
application/json
Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
X-SezzleInc-Auth-Resource
dashboard

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
24
x-xss-protection
1; mode=block;
auth-status
api.sezzle.com/v4/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v4/users/auth-status
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
js
www.googletagmanager.com/gtag/ 		129 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7db1d8db98cbc45ef2fd72ce3fed7ef385661455795197cddd184a239517649b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51675
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:15:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
/WTpo59hQVMFzmjZQvVh5jCZAQlVBjZ2dCxnJp/IWH+YM0VyTdemfkufEQIu1DvCatW2jtnWJOQoTuoeg+e9xA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 20:15:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4810
date
Fri, 10 Sep 2021 18:54:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 20:54:55 GMT
uwt.js
static.ads-twitter.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
via
1.1 varnish
last-modified
Wed, 25 Aug 2021 16:20:44 GMT
age
75381
etag
"934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
2119
x-timer
S1631304906.980917,VS0,VE0
x-served-by
cache-hhn11552-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.201.9 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-201-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:15:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=33926
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
bat.js
bat.bing.com/ 		0
0
installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 		579 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f95.1e100.net
Software
ESF /
Resource Hash
af17daaaf557097e549a7adabc198dcc3662282f1e8d55dd24460bb451a5bc22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://dashboard.sezzle.com/
x-goog-api-key
AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
456
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations
Protocol
H2
Server
64.233.184.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://dashboard.sezzle.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Fri, 10 Sep 2021 20:15:06 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ 		109 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9014dcfa36e96c512a7ab5b8d6cf2e21f75960e430b646ef6790c7c611531bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44638
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:15:05 GMT
355731011522150
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/355731011522150?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
aa99245dff33f7e04b14d48e8d93045dc4c2746be074b5732e535d4e85980f15
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
SXWWaU5YhK43W+Q7xkHcc+S0LzgXtmKbweX7KL3qi3hvtbuq6lk0CVQq3MU11agoVDOXUdg8sxYjZvGplsnl3w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:15:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 10 Sep 2021 20:15:06 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2507082ec12913d36f72d3f350a4a426e40d372304e10595f9459bc886ff5afc
x-transaction
20a13d7e4d7b4b01
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		0
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=2oe910&_p=1748387981&sr=1600x1200&ul=en-us&cid=1138635603.1631304906&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304905&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=2oe910&_p=1748387981&sr=1600x1200&ul=en-us&_fid=eKUvvlx3nimQXjOknfdKjW&cid=1138635603.1631304906&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304905&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PT4J8GM&t=gtm37&cid=1138635603.1631304906
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Google Tag Manager /
Resource Hash
31afbff764ae1aa0d97f478cd647b2d1606e95229264019e25e7fa5e1953f986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39272
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:15:06 GMT
collect
px.ads.linkedin.com/ 		0
0
web-widget-preload-c11c853e3495048c3769.js
static.zdassets.com/web_widget/latest/ Frame 6AE0 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275817
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CVZFC63Y72DMDA0E
x-amz-id-2
oHLxD39THeQ+iPHbXq28vf99VvKmE/Gc2jMIBhbaPFRIxF3WckGdSRgM2Fq+lzoYf2KqapNIaZ0=
last-modified
Fri, 27 Aug 2021 00:36:48 GMT
server
cloudflare
etag
W/"494cdcdbb9f8aabb90662f90e86713a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DGOY5H07lggwAYdQSLLGnsBb0w1%2Bx8r6SA7eVnrqr6JFbGnO1GCZorIRQrd%2BO1%2FqmIoC8rk0vIGn316LYaLr144k3hxhLp7oV33HMEv7m1ph%2FKtY%2B7IRzJkSv%2FO0ZzC1E6uHus%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
qUzu2RsE4KTQBDKNYnerlPJrytK1UfHb
cf-ray
68cb538eed1a218d-DUS
expires
Sat, 27 Aug 2022 00:36:47 GMT
web-widget-framework-1b147c41a301f1c689d1.js
static.zdassets.com/web_widget/latest/ Frame 6AE0 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275817
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CVZ4YDR99NZ9HF6N
x-amz-id-2
hvy4KfqH8xkMLWKxs6EAVHB2f/n1IzRy7yCdB4rfRLxFnDvtTt8aFyla+2L2Xa+jmezfrhya1i8=
last-modified
Fri, 27 Aug 2021 00:36:48 GMT
server
cloudflare
etag
W/"4ffd0070344c005afce1ff2d12d44e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvOkSU6mfXh6fFEZKybOP7%2BL9b%2BActVZ2ENM7AiB45l6N%2F%2B0W1pSvmOz%2BKetgYa1GllZ6ra2CQm7MzM9fp%2Bt6L8E763mddml5dS6fLGb1ZQpYp4KEu%2BcFExBYh1w1IN9sl6azek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
v41TCMXJjPtMAYoQuoT1GMc4uDmGKEn1
cf-ray
68cb538eed1c218d-DUS
expires
Sat, 27 Aug 2022 00:36:47 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame 6AE0 		203 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4563061
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
R0EYV5D1T0BF03AA
x-amz-id-2
Qghgw0ifkOGufAvqKOVmJA8S1hhjyUvk8HaRBpVcPylOL1675/sXfyxasW37/csTZK9Bk9nWwHU=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RYp%2FBwQ6PWFpoAN4A1sB0yZHqiOyCWtJFh45LtVdfThVMG3agdcm3JZeoHUQntLABuRi5oKaZudm%2B1IOTuG0H%2B%2BWRnAttCD2l0grYZ5cUguQp%2BPuqDXH5R8cykAWPkEwBnsqEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
6nLy1oZDiI0GDEsA2cGfRKjp8Mm1fRS8
cf-ray
68cb538eed1d218d-DUS
expires
Tue, 19 Jul 2022 02:04:03 GMT
config
sezzle.zendesk.com/embeddable/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable/config
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203f2aa0c51c33fe0b7de96f1a2ee3778d06baa27b9b79cb43651bd243b2654b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-5d979d87f9-z5bhc
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
68cb53679cfa21ab-SEA, 68cb53679cfa21ab-SEA
x-runtime
0.001929
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aqw1tiVF2e%2FpICftp1t0FZQeOhoxvTDKoeAmhU8Zfjj5q3eIEJ0xNoi0Mxm2g08%2FVSxDDhk%2BuLyR74zVV0qcOQavxe%2BHFw2nu7nKMZFnfIZcLcgEamQ5hNyk%2FNr7Vrt6OdaATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
68cb538f5b50faee-DUS
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1748387981&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dp=%2Fcustomer&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=1087170697&gjid=1170941739&cid=1138635603.1631304906&tid=UA-72079130-32&_gid=2000066366.1631304906&_r=1&gtm=2wg910MX2HJWM&z=375887064
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4811
date
Fri, 10 Sep 2021 18:54:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 20:54:55 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.init_consent&eid=71&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.init&eid=72&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.js&eid=3&tc=1&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.dom&eid=4&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.load&eid=46&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-72079130-32&cid=1138635603.1631304906&jid=1087170697&gjid=1170941739&_gid=2000066366.1631304906&_u=aCDAAEACQAAAAC~&z=1736075716
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 20:15:06 GMT
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
de-de-json-eff801a5400a44679d84.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 6AE0 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-eff801a5400a44679d84.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed960724bbe2cd29bd0efdd4876c335f45685fc3e28e3370e0468ef080e40f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275812
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
SQF437HY7GV24ES4
x-amz-id-2
0N8VSFoz0fo9aVZ9fAVz+1L00V+cnwHC0ZHZAb49yrT92JZvAmES/bpml3KqqeluyouGsY12o7s=
last-modified
Fri, 27 Aug 2021 00:36:01 GMT
server
cloudflare
etag
W/"93b2c0fba362ae1959dc1da4a5a00aef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=332sTP6uyhLPYcm8hweAIKoCMJHpyTT3T7BfqUdEzZmCGRkfmylAcwJsyglS6YI7WtKSSrSZVxhfKMgqgoIwAwPTDKoRVx5BdEpArukmN%2BDTRblVF8JxfjlrdlHLGcPmdt%2FaMCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
JSfF_Jy9UhfdfWuEN8oWeaPpAcG3FalX
cf-ray
68cb538f8e87218d-DUS
expires
Sat, 27 Aug 2022 00:36:00 GMT
web-widget-218-a0e6bddf78f556c0ba98.js
static.zdassets.com/web_widget/latest/ Frame 6AE0 		330 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-218-a0e6bddf78f556c0ba98.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2915455
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CYH5G0V8B3BNGBZ2
x-amz-id-2
u/4qMlBYwI0XW+Qk65u4hCDsgZfaRatx8cZypzgKay3rPdsdyJ8Qh8Gc1MTHPBUhQJCwObKfEsc=
last-modified
Tue, 03 Aug 2021 06:50:09 GMT
server
cloudflare
etag
W/"d270a189c9839f5d9d7f3e49bbeae2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7QfSAQxdalrhoag6S3HzFRYaCjEiAKWAu7rMGyvoQIkxvX0CIBN375aJG8lCgg9KMC62XM63qpBZHLpV3ThHKx0hTgyKqfkzont%2Bv31PQkjA%2FeFfKGQpGXlii5eeXLgDMjrQ4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
CO1Q4F0knftXJhJ_G_3ur6l_KBqJQYfg
cf-ray
68cb538f8e8f218d-DUS
expires
Wed, 03 Aug 2022 06:50:08 GMT
web-widget-9829-5f3c12ec148288f64210.js
static.zdassets.com/web_widget/latest/ Frame 6AE0 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-9829-5f3c12ec148288f64210.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2223262
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
0TBVTKDTDJ250KXV
x-amz-id-2
5bO+qgDqNcVKvSDdlce2UZE4i7kssNkvvZiqospOLD2pcVMjTpHJNVmhpKtCJEokuQiTsV5rwjQ=
last-modified
Fri, 13 Aug 2021 00:23:50 GMT
server
cloudflare
etag
W/"c416333951b19b5a604bb7f65785650e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFmjCrW2bq84GvW0qWzIMBiWt1i4g3I6tKoIMbRpBT%2BJBX0rUwSsx1k%2FQxArvEY8CReJogYhy%2F%2FtQFeRr35ynbbvIJkzyMxw2iVfDBXSkxsddZuu9pP7nYMr4Yt%2BfEq31fIkOak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
49ot3h21npFAkxmz5L51VOsC2.m1cZtL
cf-ray
68cb538f8e91218d-DUS
expires
Sat, 13 Aug 2022 00:23:49 GMT
web_widget-34813b70768c992d1401.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 6AE0 		418 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-34813b70768c992d1401.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275817
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
SQFAQT2EKNRD81TW
x-amz-id-2
STImm3XbPqKkYQPtylJ6epqq+KFpv99WOSDGTU2EypalSbIQ9i2hV+jAH7LLPQ2g8QNK5aaFfaM=
last-modified
Fri, 27 Aug 2021 00:35:05 GMT
server
cloudflare
etag
W/"fef0d8fa8ff30afd8c9006a9344f1afc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un%2Fo5tL5rkgwsSvS%2F81MVCKIE1pL%2Fx5rAhIbLs6cxkseG2lLuIKiATAva5LWVDTB8X%2FFqlqhxm3hB1Hn4iJlzCmB8t8PO7hD%2Fil3gI28OGfyFWxx%2Be3%2Bzbv3Wsq9rzcj3WzjIjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wZHvAZ2moLXZQaNmJ3MYT.Dl0vKLvC3V
cf-ray
68cb538f8e93218d-DUS
expires
Sat, 27 Aug 2022 00:35:04 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=1138635603.1631304906&jid=1087170697&_u=aCDAAEACQAAAAC~&z=917689128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
embeddable_blip
sezzle.zendesk.com/ Frame 6AE0 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjE1OSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiYTFlYmMxZmU0ZjRkZmUyMTY4MWMyYTdlYWNlYTg2YjkiLCJzdWlkIjoiNjU4NTY4Yjk2MTdiY2ZjYThmNzI2NTRiZjIyYzFiMzAiLCJ2ZXJzaW9uIjoiNTM5OGNkMjgxIiwidGltZXN0YW1wIjoiMjAyMS0wOS0xMFQyMDoxNTowNi4yNzFaIiwidXJsIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lciJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFyeodcl%2FqIIc3Ciutbs0o%2Biez6XOzB2FjL6MxRa3RvkBDTakKPGlg4fsRA84hnYB%2Fp353fwzMRKuTtFF6elt8PRKF9bNxRGw0dvBKTKrWAoRg3z3Jo6dxab4vvNblRPmdX%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb53903cc0faee-DUS
vary
Accept-Encoding
content-length
0
x-request-id
46ac460d72a08ef5941320ea667bce7c
embeddable_blip
sezzle.zendesk.com/ Frame 6AE0 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYXV0aGVudGljYXRlIjp7ImhlbHBDZW50ZXIiOmZhbHNlLCJjaGF0Ijp0cnVlfSwiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX19fSwiYnVpZCI6ImExZWJjMWZlNGY0ZGZlMjE2ODFjMmE3ZWFjZWE4NmI5Iiwic3VpZCI6IjY1ODU2OGI5NjE3YmNmY2E4ZjcyNjU0YmYyMmMxYjMwIiwidmVyc2lvbiI6IjUzOThjZDI4MSIsInRpbWVzdGFtcCI6IjIwMjEtMDktMTBUMjA6MTU6MDYuMjc5WiIsInVybCI6Imh0dHBzOi8vZGFzaGJvYXJkLnNlenpsZS5jb20vY3VzdG9tZXIifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flj15H50x2Z426QHxhC92Me6pyr3fy571fGIdvVV5m8%2B0HgM9akO48F6lSTvv8ZLLq%2BFw7JPuiagttGSQpjrcJf1siH%2FvMH3St5iOeazaOBTa%2FBggik1kO364uZX42mWcGAreg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb53904cd7faee-DUS
vary
Accept-Encoding
content-length
0
x-request-id
e286d2655e093eb5ced5410024ff15b9
embeddable_blip
sezzle.zendesk.com/ Frame 6AE0 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sezzle.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lciIsInRpbWUiOjMwLCJsb2FkVGltZSI6MjUuMTAwMDAwMDIzODQxODU4LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiU2V6emxlIEN1c3RvbWVyIERhc2hib2FyZCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiYTFlYmMxZmU0ZjRkZmUyMTY4MWMyYTdlYWNlYTg2YjkiLCJzdWlkIjoiNjU4NTY4Yjk2MTdiY2ZjYThmNzI2NTRiZjIyYzFiMzAiLCJ2ZXJzaW9uIjoiNTM5OGNkMjgxIiwidGltZXN0YW1wIjoiMjAyMS0wOS0xMFQyMDoxNTowNi4zMDBaIiwidXJsIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lciJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3KGzJR9ITGmriSqE6eiPeviMhSXPrYKCezOpTTlb56J%2FSb3exNbJF33sc0wGfG5LbRvwD831dC9cZDuWkdCkrmaU1fN2otoZXGvJuM7KcVkg2igjYtcgsSi4Dlm7C7TLk%2FDGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dashboard.sezzle.com
accept-ranges
bytes
cf-ray
68cb53906d11faee-DUS
vary
Accept-Encoding
content-length
0
x-request-id
c0ca14ebd9d56653228058f8f6a36658
805817303491823
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/805817303491823?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
8b6f85650179a50962a4a91b3d3c5e886091705d52013014f9a559ddf2dce51a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
k6ZvLWUvxkeoEZaP89l7VY470yW7Qdrtbhg8FTM7Jv9WcH1c0EBOrj3bikN+3VPkQES0ZB8Gvdt4spw567OgIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:15:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=355731011522150&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&rl=&if=false&ts=1631304906620&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631304906620.1712131926&it=1631304905976&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 10 Sep 2021 20:15:06 GMT
107.894d27e2b3f29c74e6ff.chunk.js
dashboard.sezzle.com/customer/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/107.894d27e2b3f29c74e6ff.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
f129590eb4922e2dcdfaf0ddf0f626303dc8353123add4dc95a3f30b15277567
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/107.894d27e2b3f29c74e6ff.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304905.0; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2149
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"2a5afc8fbd8cc64f99066c7750205856"
vary
Accept-Encoding
x-amz-version-id
7aXeJbCiZNZieokUkjFDIJ.xnqu4o0P8
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
rsLyPgsoecBFkU3XpXqRkxhdXD8G40SxHqklF1E-DpqLSWtQ--l0Lw==
fs.js
edge.fullstory.com/s/ 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/main.d4a83d317b33e4f74b46.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:21:43 GMT
content-encoding
gzip
age
3203
x-guploader-uploadid
ADPycdt1Y215vbW0ZGA9gkrBBovwnWJstrV8p8-ExIMXf9gNiYXq-qAn9CvrrPaxewcZMKUqMjlHTNQhzM2-Ght2JDcNgfLbag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
64293
last-modified
Thu, 26 Aug 2021 17:33:28 GMT
server
UploadServer
etag
"3279f654c7f61ca00ecbb7d2ef197511"
x-goog-hash
crc32c=sObuww==, md5=Mnn2VMf2HKAOy7fS7xl1EQ==
x-goog-generation
1629999208621409
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
64293
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Sep 2021 20:21:43 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
remoteconfig
api.sezzle.com/v1/ 		377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/remoteconfig
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
606e4ce1757f0a0645092c0262e70006a4c64b96251b7e170dd155029c75738b
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
852543af-5407-4374-af36-1cdd10f09436

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
377
x-xss-protection
1; mode=block;
remoteconfig
api.sezzle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/remoteconfig
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
create-event
api.sezzle.com/v1/event/ 		0
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Client
web_customer_dashboard
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block;
create-event
api.sezzle.com/v1/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/v1/event/create-event
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-sezzleinc-client
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
86.c86aaa6b86b4d1579521.chunk.js
dashboard.sezzle.com/customer/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/86.c86aaa6b86b4d1579521.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
:path
/customer/86.c86aaa6b86b4d1579521.chunk.js
pragma
no-cache
purpose
prefetch
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1918
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:06 GMT
server
etag
W/"13df3d0c812eb66821db9bf057a9c243"
vary
Accept-Encoding
x-amz-version-id
a7pBraw5GbL9Sgpq2AVsF7aC9QOvk6AK
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
WbpV59mnPIMt8Wzdp6ODCFVQzq7m5Diit6WHm3ODmLI2MVDnHjzogQ==
108.a1a4c373555b78650220.chunk.js
dashboard.sezzle.com/customer/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/108.a1a4c373555b78650220.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
ce64f71999c236872b963fb77c5ec92f1d99486c7cc5b52bb6049748d6f1e4e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/108.a1a4c373555b78650220.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1916
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:00 GMT
server
etag
W/"64de32ba653c5fa03fc9285495652e78"
vary
Accept-Encoding
x-amz-version-id
JRST_kFqk3vka0R7HDK_Rw19ZkznjNFB
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
M8kQe-ZZycr6u-s---tjaAOwg6mxnQZsEpyBdiHayUXcXwhuw3EjRw==
npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
dashboard.sezzle.com/customer/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
ae949df069231c45bd6624d6f5d5b436c4e7a75cbdbb939a564da959e0cf501c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-helmet.2267e83e9fef5a043e2f.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2178
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"5d6e6316f5a35883342531010bbd46c3"
vary
Accept-Encoding
x-amz-version-id
cKOtucy5.AsoJkoTqatB7xPY0R6mDt3d
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
fuUn0OSN9X4JeJkOkwvD51jx0GbOBWq6UU4-CidM0vctBhvx_qntpg==
npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
dashboard.sezzle.com/customer/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
a4dfa9d6961e54844ce45f857c989c61c46ea5ceb215bd05e083a2d05956628a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-side-effect.0fb0f3aa0cd4fd0af64c.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2178
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"f149e4e4c9a92c92e3677b342df3f3f0"
vary
Accept-Encoding
x-amz-version-id
HXLkeCqP7duM8Ig0N4PGE_wu_fgQF_lp
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
H3Df1-Yu89YpQ8IGqvCkghaxw5f1BfdWRA0i9EVcyOnUaB5xmWWzgg==
npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
dashboard.sezzle.com/customer/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
0738d66c142a2a7f4424d809b08d449b3b02acdaea7f7653870cd79ec7550d01
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/npm.react-burger-menu.a19bfd1c7d8c005a28b2.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2178
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:08 GMT
server
etag
W/"441c7d8541001c8eeaaf2d5cc10b0bb9"
vary
Accept-Encoding
x-amz-version-id
46TWvAZTr1T_HPLGL4e3wZekVSdDCOb.
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
-ycRDsZFBACCXMY8OTwg5x_ks1gVMKGzuPQ58KgwGK2ccHqq2MTaPA==
65.663c24126662696cf70a.chunk.js
dashboard.sezzle.com/customer/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.sezzle.com/customer/65.663c24126662696cf70a.chunk.js
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/runtime.d4b4bc1df28339ce0b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
/
Resource Hash
fdf5d5c34251cc6c51ccd606bf4ddeb3767eb5ed9fc5370d503e5c184dabe3f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/customer/65.663c24126662696cf70a.chunk.js
pragma
no-cache
cookie
szl_wpe_sid_lt=e7b96aa1-226a-49dc-acfc-9f0e832db8f6; szl_wpe_fs_rand=0.2027907842329295; fingerprint=ec76d214beb582fc476ab013026184e3; trk_id=852543af-5407-4374-af36-1cdd10f09436; _gcl_au=1.1.2095574033.1631304906; _ga_1MJLY6RLKW=GS1.1.1631304905.1.0.1631304906.0; _ga=GA1.2.1138635603.1631304906; _gid=GA1.2.2000066366.1631304906; _gat_UA-72079130-32=1; _fbp=fb.1.1631304906620.1712131926; _ga_FB5QYFCQBC=GS1.1.1631304905.1.0.1631304906.0; szl_wpe_sid=92f6e0af-a266-46f1-9123-34eeb57f3f6f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dashboard.sezzle.com
referer
https://dashboard.sezzle.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1913
x-cache
Hit from cloudfront
strict-transport-security
max-age=15724800; includeSubDomains;
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 09 Sep 2021 15:57:05 GMT
server
etag
W/"0d19a6238ba0acff44ca87096a9e58c0"
vary
Accept-Encoding
x-amz-version-id
QMd1W4T3B30_2.fMH34h5U1MK_WBFuEI
via
1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
content-security-policy
default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win;
x-amz-cf-pop
HEL50-C2
content-type
application/javascript
x-amz-cf-id
xS9IfN1dDZLwKbbwk6AIV_EeSLBJRJKvMDpbRP3YYT5lp-DqfAzZXg==
page
rs.fullstory.com/rec/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
330e252d4ec1248374a01f4eb4ba728fd407255b1d49c9cb3f28875a3e958e1c

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1532
via
1.1 google
/
api.sezzle.com/userasks/v1/low/external/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/userasks/v1/low/external/
Protocol
H2
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Origin
https://dashboard.sezzle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 20:15:06 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, *
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://dashboard.sezzle.com
access-control-max-age
50
vary
Origin
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;
Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-17.hel50.r.cloudfront.net
Software
/
Resource Hash
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:18:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 17:10:33 GMT
server
age
3424
etag
W/"0fb7c8e946de60d298e697e3143a598e"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Hit from cloudfront
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
TAKCBo6M_8yVW0EYyipX2V__VqsGNe8CAYI0YXGWcjmv16tYLWbZ9Q==
via
1.1 43235ad12d781e3fd6dab94bb2a51ca0.cloudfront.net (CloudFront)
/
api.sezzle.com/userasks/v1/low/external/ 		18 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sezzle.com/userasks/v1/low/external/
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.214.152.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-152-176.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json
Referer
https://dashboard.sezzle.com/
X-SezzleInc-FP
ec76d214beb582fc476ab013026184e3
Accept-Language
de-DE,de;q=0.9
X-SezzleInc-Auth-Resource
dashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-SezzleInc-Trk-ID
852543af-5407-4374-af36-1cdd10f09436

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
access-control-expose-headers
X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
18
x-xss-protection
1; mode=block;
ipdetails
geoip.sezzle.com/v1/geoip/ 		233 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.sezzle.com/v1/geoip/ipdetails
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.162.27.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-27-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e693f7c1a8e08a54136f3bd873233dfaac12926b50d30c3209f631509c086337
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dashboard.sezzle.com
access-control-allow-credentials
true
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security
max-age=15724800; includeSubDomains
content-length
233
x-xss-protection
1; mode=block;
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=805817303491823&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304907070&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1631304906620.1712131926&it=1631304905976&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:15:07 GMT
bundle
rs.fullstory.com/rec/ 		29 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=13FHV&UserId=5447869298024448&SessionId=6031728997736448&PageId=6590373749760000&Seq=1&PageStart=1631304906950&PrevBundleTime=0&LastActivity=337&IsNewSession=true
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
91ba8ff8e96993190648c4dbb17f65c4ab7f2dc869993300adae2e9d81cc1f5b

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dashboard.sezzle.com
date
Fri, 10 Sep 2021 20:15:07 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
fs.js
edge.fullstory.com/s/ Frame F45A 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5

Request headers

Referer
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:21:43 GMT
content-encoding
gzip
age
3204
x-guploader-uploadid
ADPycdt1Y215vbW0ZGA9gkrBBovwnWJstrV8p8-ExIMXf9gNiYXq-qAn9CvrrPaxewcZMKUqMjlHTNQhzM2-Ght2JDcNgfLbag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
64293
last-modified
Thu, 26 Aug 2021 17:33:28 GMT
server
UploadServer
etag
"3279f654c7f61ca00ecbb7d2ef197511"
x-goog-hash
crc32c=sObuww==, md5=Mnn2VMf2HKAOy7fS7xl1EQ==
x-goog-generation
1629999208621409
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
64293
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Sep 2021 20:21:43 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.historyChange&eid=86&u=C&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:07 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=*&eid=105&u=C&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:07 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		377 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.0.0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cca78091358bd19fc803d1dd22af5419766b9921a5fd8eb1b8a27a9220eefc

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:28:31 GMT
server
cloudflare
age
186961
etag
"6051694f-4d8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb53979bca21c3-DUS
content-length
19852
pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582b999c86cf975e3451523ebecd51377fc79554646a62bb88b1f239ff6ddc39

Request headers

Referer
https://dashboard.sezzle.com/
Origin
https://dashboard.sezzle.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:07 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 02:28:28 GMT
server
cloudflare
age
186961
etag
"6051694c-5b60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68cb53979bce21c3-DUS
content-length
23392
us.svg
lipis.github.io/flag-icon-css/flags/4x3/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lipis.github.io/flag-icon-css/flags/4x3/us.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
477560de7104f741783b4bf245ba2565eb0e36e1
date
Fri, 10 Sep 2021 20:15:07 GMT
content-encoding
gzip
age
281
x-cache
HIT
content-length
727
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
last-modified
Mon, 26 Jul 2021 02:17:40 GMT
server
GitHub.com
x-github-request-id
4B94:131AC:9350A:9B825:61146978
x-timer
S1631304907.476350,VS0,VE0
etag
W/"60fe1b44-116d"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
expires
Thu, 12 Aug 2021 00:27:49 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
2
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=*&eid=114&u=C&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:07 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=355731011522150&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304908126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631304906620.1712131926&it=1631304905976&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:15:08 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PT4J8GM&cv=6&v=3&t=t&pid=279939455&rv=910&es=1&e=gtm.historyChange-v2&eid=123&u=C&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.71.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:08 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=805817303491823&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin&rl=&if=false&ts=1631304908571&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1631304906620.1712131926&it=1631304905976&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.sezzle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:15:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 10 Sep 2021 20:15:08 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=2oe910&_p=1748387981&sr=1600x1200&ul=en-us&cid=1138635603.1631304906&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304905&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=2oe910&_p=1748387981&sr=1600x1200&ul=en-us&_fid=eKUvvlx3nimQXjOknfdKjW&cid=1138635603.1631304906&_s=2&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer&dt=Sezzle%20Customer%20Dashboard&sid=1631304905&sct=1&seg=0&en=web_dsh_refresh_token_login_failure&_et=660&ep.origin=firebase&ep.metrics=%5Bobject%20Object%5D&ep.szl_trk_ver=v1&ep.locale=en-US
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:15:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.sezzle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle
rs.fullstory.com/rec/ 		29 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=13FHV&UserId=5447869298024448&SessionId=6031728997736448&PageId=6590373749760000&Seq=2&PageStart=1631304906950&PrevBundleTime=1631304907686&LastActivity=4799&IsNewSession=true
Requested by
Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/npm.sentry.6184fbf63f9871b2ca5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3c7bae7bd31e10a7a6c2d517f69333a7027dedec019f16bdb6c21aec3a923101

Request headers

Referer
https://dashboard.sezzle.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dashboard.sezzle.com
date
Fri, 10 Sep 2021 20:15:12 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
t.co
URL
https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1631304906044&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=1138635603.1631304906&jid=1087170697&_u=aCDAAEACQAAAAC~&z=917689128

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| FontAwesomeKitConfig object| zESettings object| webpackJsonp object| SENTRY_RELEASE object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ function| gtag function| Payment object| zEWebpackACJsonp function| zE function| zEmbed object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| twq string| _linkedin_data_partner_id object| twttr object| gaGlobal function| onYouTubeIframeAPIReady object| gaplugins object| gaData boolean| zEACLoaded function| lintrk boolean| _already_called_lintrk object| google_optimize function| $zopim function| ZENDESK_AUTHENTICATION_CALLBACK boolean| _fs_is_outer_script boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized object| szlShpDashCfg string| _fs_loaded function| _fs_shutdown number| openHTTPs object| __sentry_instrumentation_handlers__

16 Cookies

Domain/Path Name / Value
dashboard.sezzle.com/ Name: szl_wpe_sid_lt
Value: e7b96aa1-226a-49dc-acfc-9f0e832db8f6
dashboard.sezzle.com/ Name: szl_wpe_fs_rand
Value: 0.2027907842329295
.sezzle.com/ Name: fingerprint
Value: ec76d214beb582fc476ab013026184e3
.sezzle.com/ Name: trk_id
Value: 852543af-5407-4374-af36-1cdd10f09436
.sezzle.com/ Name: _gcl_au
Value: 1.1.2095574033.1631304906
.sezzle.com/ Name: _ga
Value: GA1.2.1138635603.1631304906
.sezzle.com/ Name: _gid
Value: GA1.2.2000066366.1631304906
.sezzle.com/ Name: _gat_UA-72079130-32
Value: 1
.twitter.com/ Name: personalization_id
Value: "v1_40wFVt5rnML22YE07ItI9Q=="
.sezzle.com/ Name: _fbp
Value: fb.1.1631304906620.1712131926
.facebook.com/ Name: fr
Value: 09k5Cb7hxGyVV3xg9..BhO7zK...1.0.BhO7zK.
.sezzle.com/ Name: _ga_FB5QYFCQBC
Value: GS1.1.1631304905.1.0.1631304906.0
dashboard.sezzle.com/ Name: szl_wpe_sid
Value: 92f6e0af-a266-46f1-9123-34eeb57f3f6f
.sezzle.com/ Name: _szl_login_success_url
Value: %7B%22pathname%22%3A%22%2F%22%2C%22search%22%3A%22%22%2C%22hash%22%3A%22%22%7D
.sezzle.com/ Name: fs_uid
Value: rs.fullstory.com#13FHV#5447869298024448:6031728997736448/1662840906
.sezzle.com/ Name: _ga_1MJLY6RLKW
Value: GS1.1.1631304905.1.1.1631304907.0

6 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM(Line 40)
Message:
Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dashboard.sezzle.com/customer
Message:
Refused to load the image 'https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o18vo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
security error URL: https://dashboard.sezzle.com/customer
Message:
Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1631304906044&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
security error URL: https://dashboard.sezzle.com/customer
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-72079130-32&cid=1138635603.1631304906&jid=1087170697&_u=aCDAAEACQAAAAC~&z=917689128' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:".
network error URL: https://api.sezzle.com/v4/users/auth-status
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://api.sezzle.com/userasks/v1/low/external/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.fullstory.com *.googletagmanager.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com; child-src 'self'; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com;
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.sezzle.com
bat.bing.com
connect.facebook.net
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
lipis.github.io
media.sezzle.com
o215203.ingest.sentry.io
p.typekit.net
px.ads.linkedin.com
rs.fullstory.com
sezzle.zendesk.com
snap.licdn.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
bat.bing.com
px.ads.linkedin.com
t.co
www.google.de
104.16.53.111
104.18.23.52
104.18.70.113
104.244.42.67
108.177.15.94
13.32.143.100
13.32.143.17
142.250.110.106
142.251.5.157
157.240.20.19
157.240.20.35
173.194.76.113
184.25.50.11
185.199.111.153
199.232.136.157
2.20.201.9
23.37.33.211
34.120.195.249
34.214.152.176
35.162.27.45
35.186.194.58
35.201.112.186
64.233.167.95
64.233.184.95
74.125.71.97
04cca78091358bd19fc803d1dd22af5419766b9921a5fd8eb1b8a27a9220eefc
0515aace0267a9f51d900b1dd3d7857da6aca764f09fd5323a16aadb1e7b0cc2
0738d66c142a2a7f4424d809b08d449b3b02acdaea7f7653870cd79ec7550d01
0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
10bc36e1d6b50fa50af3b48d4a3a2bae345733d592b9d5c9b39b5e9977135619
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118074c0ce3ae7f35c22ec90abc477b85a24ab9896bc7ae07c8ec983d4d865dc
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d660ee1823483918997ffb5b64e9a085e47657fab4eb92810eafa3e02ed2ef3
203f2aa0c51c33fe0b7de96f1a2ee3778d06baa27b9b79cb43651bd243b2654b
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
22e2037b36515615d60ab5bb486646219d9a2509df36f31a11c9b94ec6f4bd5c
31afbff764ae1aa0d97f478cd647b2d1606e95229264019e25e7fa5e1953f986
327aaea46813b16c7434f262477933a26ae9a2331278e75b08f7822477adec14
330e252d4ec1248374a01f4eb4ba728fd407255b1d49c9cb3f28875a3e958e1c
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3c7bae7bd31e10a7a6c2d517f69333a7027dedec019f16bdb6c21aec3a923101
4022a59538c4929ffc401db99b7b3cf9f54915c033374c0590a8692bfd1b6d23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5
519977f074ef03ceacc4775394cac77b22b70fe64d4ba3eea4efc6a1f8967de3
524c522dfd49567bee5f3f2fcda8554c25ae3f608dac590f90e3eea6c89bd99c
582b999c86cf975e3451523ebecd51377fc79554646a62bb88b1f239ff6ddc39
606e4ce1757f0a0645092c0262e70006a4c64b96251b7e170dd155029c75738b
63434d17aa8f991199611e64bfc195a53a5e1b0b3f2201d47ceefe6cb88cb398
64334d7cb5554ade320e458be83b6093f963bdc54496724c6caa4f58066398e1
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
6876f84f6ecdb4e9abc8810f8c6fd73c122d0038bb8902ae8eb8f9332a41563b
6cb648705e0a85e22f37d8e3f53e5f73502af6cdeb5a3a96c7a74098f4c88474
6eb2c4435e417790d5649480d79dce0b5d6c5c1d4cd818eef4f7595bfdf44a4f
7db1d8db98cbc45ef2fd72ce3fed7ef385661455795197cddd184a239517649b
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c3d0be5853811eb7a54321b76b0b0eff3d0887afd80b9f6ad9e2efe1caaac1
8b6f85650179a50962a4a91b3d3c5e886091705d52013014f9a559ddf2dce51a
8d29352d4d1c803fd2f2d13512a76ceca4c092188a237d54fa42066baf0db4c7
9014dcfa36e96c512a7ab5b8d6cf2e21f75960e430b646ef6790c7c611531bec
901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460
91ba8ff8e96993190648c4dbb17f65c4ab7f2dc869993300adae2e9d81cc1f5b
96a83ae255efeca137c915b8073be91f113ccb1f80d439fea668bddcd8186c28
9826c009e36fe0da5e92e5b2c8ec5d924a62d7a0908afb22ae775930c6f4c941
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7
9ed960724bbe2cd29bd0efdd4876c335f45685fc3e28e3370e0468ef080e40f2
a31de84a80c73bb3e6f58fd412817759440f8d54192fb95c4011dce9a1619a95
a4dfa9d6961e54844ce45f857c989c61c46ea5ceb215bd05e083a2d05956628a
aa99245dff33f7e04b14d48e8d93045dc4c2746be074b5732e535d4e85980f15
ae949df069231c45bd6624d6f5d5b436c4e7a75cbdbb939a564da959e0cf501c
af17daaaf557097e549a7adabc198dcc3662282f1e8d55dd24460bb451a5bc22
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
cbb6429c652e5da628b9ebcc4ed35d8b104d1b9696496d924fa661c139fe49dd
ce3d5a8e199cd958fd8087f01e01bd9250a869c3ff266876f91545d140062d24
ce64f71999c236872b963fb77c5ec92f1d99486c7cc5b52bb6049748d6f1e4e4
ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e693f7c1a8e08a54136f3bd873233dfaac12926b50d30c3209f631509c086337
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f129590eb4922e2dcdfaf0ddf0f626303dc8353123add4dc95a3f30b15277567
f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c
f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d
fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdf5d5c34251cc6c51ccd606bf4ddeb3767eb5ed9fc5370d503e5c184dabe3f5
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3